University of Waterloo
ISTNS > NetworkServicesResources? > ISTNSResnetDHCP > ResnetOnaGuide
TWiki webs: Main | TWiki | Sandbox?   Log In or Register

Changes | Index | Search | Go

Resnet ona Guide

Overview

Open Network Administrator (ona) is a network management tool developed and maintained by the IST Network Services group. ona is used for campus wide network switch and router management, including resnet. This guide covers the ona functions that are provided for staff and RCC's in UW's Housing department and the Colleges.

If you have suggestions for improvements to either ona, or this guide, or if you would like to arrange to receive a tutorial on ona, please contact BruceCampbell

ona has features beyond those covered in this guide. The full ona manual is available here.

Getting Started

If you do not have access to ona, and you are either an RCC, or a staff member involved in resnet management, submit a request through IST's Request System for ona access, and also request to be added to the resnet mail list.

Once you have been granted ona access, visit the ona web page at https://istns.uwaterloo.ca and
click on the Open Network Administrator (cn-ona) link. When prompted, enter your uwuserid and password.

onamain.JPG

Screens and Navigation

Main Screen

After successful login, you will see the Main screen. You can return to the Main screen from most other ona screens, by clicking the Main button. The Main screen shows the list of network switches in your area, and some information about each. If a switch has a red background, it means the switch is down, and needs to be fixed.

onamain2.JPG

Switch Screen

Clicking on a switch name, like rn-sw-rena-1-1-a, from the Main screen opens a switch screen. The switch screen shows the list of ports on the switch, usually numbered 1 to 48 (in the Edit column).

  • A green background in the description field means the port is active (computer is attached and on). A red background means the port is inactive.
  • If an entire row has a red background, it means the port is administratively disabled. You can enable the port by clicking on the port number in the Edit column, and changing the State field to "enabled", and clicking either Change and Save Settings buttons.
  • The room shows the room which the port is connected to.
  • A grey background on the speed and duplex field shows the speed/duplex that was auto negotiated.
  • Maxmacs is the number of computers that may be connected. Usually "1", but should be set to "2" for ports serving VoIP phones or wireless APs. If Maxmacs has a red background, it means a MAC address intrusion has been detected (another computer has been attached, and blocked). Click on the port to see additional information including the intrusion log.
  • The vlan is the numerical vlan number (virtual lan)
  • The MAC, IP address and IP name show the current or most recent computer which was active on the port.
  • The Sync button reloads the switch configuration into ona and re-displays the switch screen, including anything that has changed since the last sync operation. ona automatically syncs all switches each night. It should rarely be necessary to use the Sync button, but there is no harm in using it. An example of where it is useful is to update the Red/Green backgrounds on the description fields, which indicate which ports are inactive/active.
  • The ClearMacs clears the secure MAC address table for the entire switch. This should rarely be necessary, as the secure MAC addresses are automatically cleared at the start of each term. If you need to clear the MAC address for a specific port, click on the port number in the Edit column, and use the ClearMac button on that specific port. If a port has a Learn mode of limited-continuous (denoted by (l) in the Max MACs column in the switch screen) the mac address is cleared automatically anytime the computer is disconnected, turned off, or left inactive for 5 minutes.
  • The ClearIntrusionFlags button clears the red backgrounds on the Maxmacs fields, which indicated that there were MAC address intrusions detected on the port. All MAC address intrusions are logged (click on the port number in the Edit screen to see them). If you clear the intrusion flags, and there is another intrusion, the Maxmacs field will go red again.
  • The UpdateMacs button refreshes the MAC, IP address and IP names. This is automatically done several times throughout the day.

onaswitch.JPG

Port Screen

Clicking on a port number, like 2 (in the Edit column), from a Switch screen, opens a port screen. You can return the the switch screen by clicking on the button with the switch name on it. From the port screen, you can disable/enable a port (the State field), set a Comment, clear the MAC address or intrusion flag, and view the change history, secure mac addresses, and intrusion log.

onaport.JPG

Search Screen

The Search button is available on the Main, switch, or port screen. The Search button opens the Search screen. There are 4 types of searches supported:

  • IP name, e.g. rn--renl-3-1-a16
  • IP address, e.g. 129.97.225.100
  • MAC address, e.g. 000157BA9D0E
  • Room, e.g. "RENL 311B"
    • To see the list of buildings that can be used in the room search, click on the Buildings button on the Main screen, and look down the left column. The Room search performs fuzzy searches, that is, you need only supply a partial building name or room. For example, a search for REN 311 will find any room with REN in the buiding, and 311 in the room.

Search by IP name, IP address or MAC address will attempt to find the current port on which the IP or MAC is located. For a historical search, select the Dynamic IP trace checkbox. Dynamic IP trace only works with IP names or addresses, it does not support MAC addresses or rooms.

Search screen

onasearch.JPG

Results of a room search

Click on the switch/port shown in the Edit column to enter the Port Screen for that port

roomfuzzy.JPG

Results of a dynamic IP trace

Click on the port in the portname column for the date/time desired, to enter the Port screen for that port

searchdynamic.JPG

Results of an IP name search

Click on the switch/port shown under Found..., to enter the Port screen for that port

searchip.JPG

Buildings Screens

The Buildings button on the Main screen opens the Building screen. The list of buildings is in the left column. The list of TRs (Telecommunications Rooms) for each building is in the right column.

The Buildings screens provide a way to navigate to the port(s) serving a given room.

onabuildings.JPG

Clicking on a building name in the left column displays the rooms in that building...

buildingrooms.JPG

Clicking on a room displays the port(s) for that room...

room.JPG

Changes Screen

The Changes button is on each switch screen. It lists a history of changes made to the switch.

onachanges.JPG

Main Ping Results Screen

ona keeps track of the last time each computer was active on the Ping Results screen. A list of subnets is shown.

onapingmain.JPG

Subnet Ping Screen

Clicking on an individual subnet from the Main Ping Results screen will list the hosts on that subnet.

onaping.JPG

Alerts Screen

The Alerts button is available on the Main screen, and on each switch screen. It shows a history of reboots and outages for the switches.

onaalerts.JPG

How To's

Finding the port for a given room

Use the Search screen or Buildings screen.

From the Buildings screen, click on the building in the left column, and then click on the room.

or

Use the Search screen. Enter the room number, e.g. V1 3101 and click Search. You do not need to enter the letter prefix or suffix for a room, or the full building code. The search will find all matching rooms.

The list of buildings as shown on the Buildings screen is below. If you can't remember the full code, just enter it partially, e.g. "REN" or "STP", or visit the Buildings screen for the list.

CGR Conrad Grebel
CLV Columbia Lake
MHR Minota Hagey
MKE Mackenzie King
MKW Mackenzie King
RENA Renison
RENC Renison
RENL Renison
RENM Renison
RENO Renison
REV Ron Eydt
STPA St Paul's
STPE St Paul's
STPW St Paul's
UEC UW Place
UET UW Place
UNC UW Place
USC UW Place
UWC UW Place
UWT UW Place
V1 V1
V1C? V1

Finding the port for a given IP name or IP address (or MAC address)

Use the Search screen. Enter the IP name, IP address, or MAC address, and click Search. The result is the most recent port for the supplied name/address.

If you need to determine where a given IP name/address was at a given date/time in the past, check the Dynamic IP trace checkbox. The result is the complete history of which MAC addresses have used the IP name/address, and which ports have been used by these MAC addresses. This is useful if you are investigating a report of misuse at a given date/time, by a given IP name/address.

Enabling/disabling a port

Once you have navigated to the port screen for the port desired, either by searching by IP name/address, by room, or by navigating from a switch screen, you may disable or enable the port by changing the State field, and clicking either of the Change and save settings buttons. Your change will be made, and displayed in the Port change history.

If you are disabling a port because of suspected misuse or virus infection, it is recommended to set the Comment field to something informative, so that other staff members are aware of the issue when the user comes to the help desk.

Important do not disable ports serving VoIP phones or wireless access points. These can be identified by a 2 in the Maxmacs field. A mechanism to allow disabling the computer without disabling the phone/AP will be provided soon.

Clearing the MAC address on a port

Resnet ports automatically clear themselves anytime the computer is disconnected, turned off, or left inactive for 5 minutes.

Edit | Attach | Print version | History: r6 < r5 < r4 < r3 < r2 | Backlinks | Raw View | Raw edit | More topic actions


Parents: NetworkServicesResources? > ISTNSResnetDHCP

This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback