Technology Tables

Overview

Tables enable analysis and correlation of network state information and parameters on the fly. Most of the tables display live snapshot data generated by graph algorithms without a preexisting cache. The first load of a large table usually takes longer than subsequent loads, however all tables were built to handle large capacities and complex queries, so the outcome is likely to be better than analyzing the output in external applications like Excel.

Network or Site view

Tables display data for the whole network by default. To only display data for a specific site, select "site" from the drop down menu on the top left.

Table filtering

Simple or advanced filters can be applied to each table. By default, filtering is available above each column, and accepted filtering values can be strings, numbers, IP addresses, networks, boolean values, or selectbox values.

RegEx can be used in a string filter by adding "=~" after the expression. An exact match of the value can be achieved by adding "=" before the expression

Fields containing IP Addresses can be filtered by entering the IP/prefix length in the CIDR notation. For example, 10.0.0.0/25 will find addresses between and including 10.0.0.128 and 10.0.0.255.

Advanced filters can be used to construct arbitrary complex expressions by combining nested filters and filter groups with any number of logical AND and OR operators between them. Advanced filters can be saved and recalled for each specific table. Filters are stored per table and are available to all users.

Table Exports

Table outputs can be exported into CSV format for further processing and the text can be opened by any spreadsheet processor. In some cases, Microsoft Excel and Google Spreadsheets convert strings from the CSV files into dates, but these can remain as exact values by renaming the content to “=”“string”“” to force the spreadsheet to retain the original content.

Note: It may take several seconds to prepare an export of large tables.

Tooltips

Each table contains built in help with the table description by clicking on the question mark . Hover the mouse over the column name for a description of column content.

Column visibility

Tables can be especially large to facilitate easier information correlation, however not all columns need to always be visible. To hide or show individual columns, click the  (toggle column visibility) button and select which the columns to be displayed. The first column can be set as “sticky” to facilitate analysis of tables with many columns. Row height can be adjusted by selecting small, medium or large font.

Persistent table view

To improve usability, each table remembers the settings and filtering for each user . To reset a table to it’s original state, click the  (restore table settings) button on the right hand side of the column header.


Technology verification and analysis

Technology information is presented in descending OSI layers from the physical link layer, through to the network and management layers. Individual sections contain detailed state information that is represented in tables and graphs, either for the whole network or per-site as selected in the left-hand drop-down menu.


Platforms

Information about specific vendor technologies for chassis virtualization or aggregation are presented in this section.


Interfaces

The interfaces section provides detailed information about packet counters and undesired network states.

Interface transmission rates

Packet loss issues due to errors and drops are detailed for each direction, interface, and device where an issue occurs. Each packet loss issue is assigned an impact rating, based on the amount of productivity impact and the number of affected users, and the ratings range from non-impactful (1-5), to minor business productivity slowdowns (6-9), through to major productivity impacts (10+). The number of affected users depends on the topological location of an issue, with uplinks usually affecting more end hosts than access ports.

The transmission rates of packets per second and megabits per second are presented for each interface and device in each direction.

Interface state

The Half-Duplex table presents interfaces in the Half-Duplex mode. Most network equipment supports and prefers the full duplex setting. There are some exceptions when half duplex operation is necessary, and in such a cases all sides must be consistently set for half-duplex operations.

The ErrDisabled table presents information about interfaces disabled due to violations of operational parameters. Interfaces in an error state should be self-healed by the automatic recovery timers or recovered manually, to ensure no future repeats of the same violation.

Connectivity matrix

The connectivity matrix maps connection information between devices for the network protocols to form dynamic neighbor relationships. Each direction of the connection is represented on a separate line, therefore a bidirectional connection will be represented by two lines. The table can be filtered by protocol, interface, or hostname.


CDP/LLDP

The Discovery Protocols section provides information about link layer discovery protocols such as CDP and LLDP. “All neighbors” lists information about all neighborships. “Unmanaged neighbors” provides information for when a remote neighbor is not accessible. “Unidirectional neighbors” provides information when only one side can see the neighborship, creating a unidirectional state.


Port-channels

The Port-channels section covers information about port channels, which combine multiple physical links for load sharing and redundancy purposes. The section provides information about discovered channels and their members, alongside current rates and balancing ratios.


Spanning Tree

The Spanning Tree protocol prevents loops and manages redundancy in a layer 2 network. Spanning tree instances and contiguous domains are analyzed for stability and consistency.

For each spanning tree instance a number of parameters are presented, such as virtual ports present, root bridge and its priorities, instance diagrams, number of users, and instance convergence rate.

Spanning tree details range from spanning tree domain, which is contiguously interconnected to spanning tree instances, through to individual spanning tree ports.


Addressing

The Addressing section provides information about every IP address on every managed network infrastructure device.

IP addresses should be unique throughout the network, except for highly specialized applications like geographical service distribution via anycast. Duplicate IPs usually signify a network fault, such as loss of a keep alive link or misconfiguration, and actively managed duplicate IP addresses are listed in a separate table.


First hop redundancy protocols

The First Hop Redundancy Protocols section covers state analysis of HSRP and VRRP protocols. Redundancy protocols are not fully state aware due to a limited two-way handshake, resulting in undesired active/active or down/standby scenarios when unidirectional links are present and traffic black holing.


Networks

The Network section presents detailed information about the Layer 3 network state and routing convergence.

A network connected to any of the managed devices on the site is considered to be a managed network. Users represent the number of non-network ARP entries observed on the network routers and gateways present IP address of the corresponding managed device or devices. Both primary and secondary addresses are considered as gateways. Virtual gateways present the IP addresses of the First Hop Redundancy Protocol groups that are active in the network.

Each contiguous routing topology is considered to be a routing domain. Diagrams are presented for each routing domain in addition to a complete routing table comprised of all of the routing tables discovered in the network.


Routing Analysis

Individual routes

Detailed analysis of individual routes can performed through a cumulative routing table for parameters, such as route presence in a routing instance, next hop redundancy, route source and metrics, or next hop interfaces. Cumulative routing table contains all entries from all routing tables and all VRFs collected from all managed network devices with L3 routing capability. Each line represents a corresponding entry from the source routing table, normalized into a standard terse view. Table can be filtered per site, per device, per route, number of next hops, lowest metric of next hops, or other next hop information. Individual routes can be looked up as a string, or as a route for a specific IP address. For example, IP address of 10.0.0.1 will return routes 10.0.0.0/24 and 0.0.0.0/0, but not 10.0.1.0/24.

Routing consistency

Routing consistency and stability analysis can be performed using the routing stability table. The table lists all unique routed networks, the number of times route is observed, expressed in absolute and percentage values, and percentage of routes that have next hop age below certain threshold signifying convergence. The table can be used to verify if similar routes are present in the same number of the routing tables, find starting point for troubleshooting convergence, or check route distribution across the network, including verifying presence of a default route.


Management

Management section presents some best practice lifecycle compliance checks. “TELNET access” provides information about devices that allow telnet on the terminal line or are accessible through TELNET protocol, which can be undesired due to various policies or compliance protocols. “Configuration register” reports devices with an unusual configuration register or boot setting, which may cause issues at the next device reboot. “Unexpected reloads” reports unexpected reasons for device reload, such as software or hardware-caused crashes. “OS version consistency” presents the variation of OS versions within each platform family.


Security

The Security section contains information about access control lists on the network. The Access Lists section details each line from each access list present on each managed device. ACLs can be filtered by device/ACL name, protocol, address or port. The ACL Interfaces section details access lists as they are applied to the interfaces.


IP Telephony

Overview

The IP Telephony section provides information about all IP Phones (VoIP) and their clients that are detected on the network. Phone information is extracted using a link layer discovery protocol or MAC address.

IP Phones table

The table details network information of every discovered IP phone and their connected hosts. Phone IP is the IP address of the phone; Name is the short name of the phone; Phone MAC is the MAC address of the phone; Phone Int. is the network interface name of the IP Phone; User IP is the IP address of a host connected to the IP Phone; User MAC is the MAC address of a host connected to the IP Phone. In cases where there is more than a one host connected to the phone, a “multiple” message is displayed instead of the individual MAC addresses. Switch is the short name of the switch to which the VoIP phone is connected to and Switch Interface is the interface to which the VoIP phone is connected to.


Wireless

Overview

The Wireless Technology section provides information about Wireless Controllers, Wireless Access Points, and every individual client connected to the access point.

Wireless Controllers

The Wireless Controllers table provides an overview of all of the Wireless Controllers in the network, including the site where the controller is located, the short name of each controller, the number of access points registered to the controller, and the total number of wireless clients connected to the wireless access points which are registered to a particular controller.

Each controller entry enables the opportunity jump to the details of the registered wireless access points or to the individual clients connected to the access points.

Wireless Access Points

Site shows the name of the site where access point is located; Controller shows the name of the controller where the AP was found to be connected to; AP Name shows the host name of the Wireless Access Point; AP Port is the name of the interface on the Wireless Access Point which is used to connect to the wired network infrastructure; Switch Hostname is the name of an edge wired device an AP is connected to; Switch Port is the name of an interface on an edge wired device that an AP is connected to; Clients Count is the number of active clients connected to a particular Wireless Access Point.

Each entry for each wireless access point enables the opportunity to jump to the wireless client table detailing each client connection.

Wireless Clients

Site is the name of the site where the Access Point and the Client are located; AP Name is the hostname of the Wireless Access Point; Controller is the name of the controller where an AP is registered; Client MAC is the MAC address of the wireless host, such as a PC, tablet, phone, or wireless device; Client IP is the IP address of the wireless host, such as a PC, tablet, phone, or a wireless device; “In/Out/Bidir bps” is the wireless traffic rate for particular client in bits per second for inbound/outbound directions or combined for both directions; “In/Out/Bidir pps” is the wireless traffic rate for a client in packets per second for inbound and outbound directions or combined for both directions; Signal Strength is the wireless signal strength in dB; Signal to Noise Ratio is the wireless signal to noise ratio for the client in dB; State is the association state of the wireless client; Policy Manager State is the specific policy manager state of the client.


QoS

Overview

The QoS technology section provides information about all class-maps and applied policy-maps in the network, including the relationships between hierarchical policies, the class rates, and match parameters.

Applied Service-Policies

These provide details of every class of service policy applied to an interface from each managed network device. Each line represents an active class (which can be searched for by the offered or drop rates), the matching parameters of the class, and the parent policy. Site is the site where devices with the applied policy are located; Hostname is the short name of the device with the applied policy; Policy is the applied service policy name; Type is the type of applied service policy, depending on the direction or hierarchy; Interface is the interface the policy-map is applied to; Class is the specific class name of the policy map the detailed information is displayed for; Child or Parent policy is the policy-map name applied as a child to the class, or a parent policy of a policy of a class if present; Match is the match parameters of the class; Packets and Bytes are the number of matched packets and bytes for each class; Rate Offered is the bitrate of traffic attempting to pass through the class; Drop rate is the bitrate of dropped traffic.

Shaping

The shaping table details every class that has shaping action and the specific parameters of that class. Site is the site where devices with the applied policy is located at; Hostname is the short name of the device with the applied policy; Policy is the applied service policy name; Type is the type of applied service policy depending on the direction or hierarchy; Interface is the interface the policy-map is applied to; Class is the specific class name of the policy map the detailed information is displayed for; Child Policy is the policy-map name applied as a child to the class if present; Parent Policy is the policy-map name of a parent policy-map for this specific class if present; Match is the match parameters of the class; Shape Type is the Shaper bucket calculation type, Avegare (bc) or Peak (bc+be); CIR is the Committed Information Rate; BC is the Burst Committed (or bucket size); BE is the Burst Excess (or burst size); Target Rate is the maximum rate traffic is expected to leave the shaper over prolonged intervals.

Queuing

The queuing table details every class with queuing action along with each class's specific queuing parameters. Site is the site location of the devices with the applied policy; Hostname is the short name of the device with the applied policy. Policy is the Applied service policy name; Type is the Type of applied service policy according to direction or hierarchy; Interface is the interface the policy-map is applied to; Class is the Specific class name of the policy map detailed information is displayed for; Child policy is the policy-map name applied as a child to the class if present; Parent policy is the policy-map name of a parent policy-map for this specific class if present; Match is the match parameters of the class; Queue Limit is the Maximum depth of the queue; Bandwidth is the Minimum bandwidth reservation assigned to the queue and used by the scheduler; Queue depth is the current observed depth of the queue; Total Drops are the number of packet drops in a class; Packets Output is the number of packets sent by the class; Bytes Output is the number of bytes sent by the class.

Policing

This table details every class with a policing action with the specific policing parameters. Site is the site where devices with the applied policy are located; Hostname is the short name of the device with the applied policy; Policy is the applied service policy name; Type is the Type of the applied service policy according to direction or hierarchy; Interface is the interface the policy-map is applied to; Class is the specific class name of the policy map detailed information is displayed for; Child policy is the policy-map name applied as a child to the class if present; Parent Policy is the policy-map name of a parent policy-map for this specific class if present; Match is the match parameters of the class; Police type is the method of rate calculation; CIR is the committed information rate; BC is the burst committed; Action is the policing actions (or colors); Conformed is the number of packets, bytes, or rate in bits per second of traffic below the policing rate; Exceeded is the number of packets, bytes, or rate in bits per second of traffic exceeding the policing rate (or second color).

Priority

This table details every class with a priority action and associated specific priority parameters. Site is the site where devices with the applied policy are located; Hostname is the short name of the device with the applied policy; Policy is the Applied service policy name; Type is the type of the applied service policy according to direction or hierarchy; Interface is the interface the policy-map is applied to; Class is the specific class name of the policy map detailed information is displayed for; Child policy is the policy-map name applied as a child to the class, if present; Parent policy is the policy-map name of a parent policy-map for a specific class if present; Match is the match parameters of the class; Strict priority is the level or limit of prioritization; Drops is the number of packets dropped due to the excessive offered rate.

Marking

This table details every class with a marking action along with specific marking parameters. Site is the site where devices with the applied policy are located. Hostname is the short name of the device with the applied policy; Policy is the Applied service policy name; Type is the Type of the applied service policy according to the direction or hierarchy; Interface is the interface the policy-map is applied to; Class is the specific class name of the policy map the detailed information is displayed for; Child Policy is the policy-map name applied as a child to the class if present; Parent Policy is the policy-map name of a parent policy-map for this specific class if present; Match is the match parameters of the class; Set is the QoS bit specification standard; Value is the bit value being set; Packets is the number of packets marked by the class.

Random Drops

This table details every class with a random early drop detection action and associated specific random drop parameters. Site is the site where devices with the applied policy are located. Hostname is the short name of the device with the applied policy; Policy is the Applied service policy name; Type is the type of applied service policy according to direction or hierarchy; Interface is the interface the policy-map is applied to; Class is the specific class name of the policy map the detailed information displayed for; Child policy is the policy-map name applied as a child to the class if present; Parent Policy is the policy-map name of a parent policy-map for a specific class if present; Match is the class's match parameters; Random is the type of random drop used in a class; Min is the minimum probability queue depth threshold to consider a random drop; Max is the maximum probability queue depth threshold to consider for a random drop; Prob is the maximum probability of a drop to occur from the total number of packets being queued; Tx Pkts is the number of transmitted packets by class; Tx Bytes is the number of transmitted bytes by class; Random Drops Packets is the number of packets dropped by the algorithm; Random drops bytes is the number of bytes dropped by the algorithm; Tail Drops Packets is the number of packets dropped due to queue saturation; Tail Drops Bytes is the number of bytes dropped due to queue saturation.