Diagnosing a CPE device

You can request diagnostic information and statistics, such as BGP, OSPF, and PIM protocol usage, from a CPE device. The diagnostic information returned in response to the request is displayed in the web interface of the orchestrator and, if necessary, can be downloaded as a TXT file.

Kaspersky SD-WAN also supports the following utilities for CPE device diagnostics:

• Ping is a utility for testing the connection between a CPE device and a specified IPv4 address. A report with the output of the utility is displayed in the orchestrator web interface.
• Traceroute is a utility for determining the route between a CPE device and a specified IPv4 address. A report with the output of the utility is displayed in the orchestrator web interface.
• Tcpdump is a utility for capturing traffic on a CPE device and writing this traffic to a report file. Capturing means a copy is made of the traffic, and the original traffic is relayed to its destination. The file with the captured traffic can be downloaded or deleted.
• Iperf is a utility for diagnosing network performance and writing the results to a report file. You can use the CPE device as an iperf server or as an iperf client. You can download or delete the network performance diagnostics file.
• Sweep is a utility for performing the following actions on a CPE device:
  • Clearing the ARP cache
  • Restarting the FRR (Free Range Routing) process
  • Clearing the NAT session table

Running an utility is a task that the CPE device receives from the orchestrator; the task obeys the time period configured for the CPE device for sending REST API requests to the orchestrator. If you want the utilities to run sooner, you can enable interactive mode on the CPE device.

In interactive mode, the CPE device uses a shorter interval for sending REST API requests to the orchestrator. Interactive mode ends automatically when the specified duration has passed. You can specify the following interactive mode settings when configuring the connection of a CPE device to the orchestrator and controller:

• The period to wait until the CPE device sends another REST API request to the orchestrator in interactive mode
• The time after which the interactive mode is automatically disabled

Requesting diagnostic information

To request diagnostic information:

1. In the menu, go to the SD-WAN → CPE section.

   A table of CPE devices is displayed.

2. Click the CPE device on which you want to request diagnostic information.

   The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand icon . By default, the Configuration tab is selected, which displays general information about the CPE device. This tab also displays the table of Out-of-band management tasks being performed by the orchestrator.

3. Select the Diagnostic information tab.

   The diagnostic information request parameters are displayed.

4. Click Request diagnostic information.
5. In the Name drop-down list, select the type of diagnostic information you want to display:
   • disk usage for information about the disk usage of the CPE device. Default value.
   • dump-flows for information about OpenFlow flows.
   • dump-groups for information about OpenFlow groups.
   • ip addresses for information about IP addresses assigned to physical ports or virtual interfaces of the operating system of the CPE device.
   • vrf data for information about virtual routing and forwarding tables.
   • ip neighbors for information about the IP neighbors of the CPE device, obtained from the ARP table or using the Neighbor Discovery Protocol.
   • ip routes for information about IPv4 and IPv6 routes.
   • ip rules for information about routing rules.
   • iptables for information about iptables.
   • cpe log for the local log of the CPE device.
   • ovs-ofctl show for information about the virtual switch.
   • ovs-vsctl show for information about the link between the virtual switch and controllers.
   • ovs-vsctl list controller for information about controllers specified for the virtual switch.
   • show ip ospf for Information about the OSPF routing process.
   • show ip ospf interface for information about OSPF interfaces.
   • show ip ospf neighbor - information about OSPF neighbors.
   • show ip ospf database for the OSPF database.
   • bgp show ip route for information about BGP routes.
   • show ip bgp for information about the BGP routing process.
   • show ip bgp summary for brief information about the BGP routing process.
   • top process for information about Linux processes.
   • uptime for information about the CPE device uptime.
   • time sync for information about time synchronization on the CPE device using an NTP server.
   • netstat for information about network links that the CPE device has established.
   • sdwan interfaces for information about SD-WAN interfaces.
   • modems for information about modems.
   • show bfd peers for information about BFD peers.
   • netflow dump-flows for information about NetFlow flows.
   • netflow statistics for information about the use of the NetFlow protocol.
   • show bfd peers brief for brief information about BFD peers.
   • show ip pim bsr for information about the current bootstrap router (BSR).
   • show ip pim bsrp-info for information about the group-to-rp mapping received from the boostrap router.
   • show ip pim interface for information about PIM interfaces. You can configure the PIM protocol when creating or editing a mutlicast interface.
   • show ip pim interface traffic for information about PIM traffic.
   • show ip pim join for information about multicast groups to which the CPE device is connected.
   • show ip pim neighbor for information about PIM neighbors.
   • show ip pim nexthop for information about the next hops of multicast groups.
   • show ip pim rp-info for information about rendezvous points. You can specify rendezvous points when specifying basic PIM settings.
   • show ip pim secondary for information about the backup PIM router.
   • show ip pim state for information about the state of the PIM protocol.
   • show ip pim statistics for Information about PIM protocol usage.
   • show ip pim upstream for information about PIM sources.
   • show ip igmp groups for information about IGMP groups.
   • show ip igmp interface for information about IGMP interfaces. You can configure IGMP when creating or editing a mutlicast interface.
   • show ip igmp interface detail for detailed information about IGMP interfaces.
   • show ip igmp sources for information about IGMP sources.
   • igmp statistics for information about IGMP usage.
   • show ip multicast for information about the multicast routing process.
   • show ip mroute for information about multicast routes.
   • show ip mroute summary for brief information about multicast routes.
   • vswitchd log for the log of the ovs-vswitchd process.
   • firewall config for information about the firewall.
   • sw version for the firmware version of the CPE device.
   • vrrp stats for brief information about VRRP usage.
   • vrrp data for information about VRRP usage.
6. If you want to filter the displayed diagnostic information:
   1. In the Find line by pattern field, enter words that must be found in the lines of diagnostic information that you want to be displayed. Maximum length: 64 characters. If you want to display only lines that do not contain the words you entered, select the Select non-matching lines check box. This check box is cleared by default.
   2. In the Print N lines before and after field, enter the number of blank lines you want to display before and after each line of diagnostic information.
7. If you want to download the file with diagnostic information, click Download file with latest data.

   An TXT file is saved on your local device.

Enabling interactive mode

You can specify the following interactive mode settings when configuring the connection of a CPE device to the orchestrator and controller:

• The period to wait until the CPE device sends another REST API request to the orchestrator in interactive mode
• The time after which the interactive mode is automatically disabled

To enable interactive mode:

1. In the menu, go to the SD-WAN → CPE section.

   A table of CPE devices is displayed.

2. Click the CPE device on which you want to enable interactive mode.

   The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand icon . By default, the Configuration tab is selected, which displays general information about the CPE device. This tab also displays the table of Out-of-band management tasks being performed by the orchestrator.

3. In the upper part of the settings area, click Enable interactive.

Interactive mode is enabled on the CPE device.

Running the ping utility

To run the ping utility:

1. In the menu, go to the SD-WAN → CPE section.

   A table of CPE devices is displayed.

2. Click the CPE device on which you want to run the ping utility.

   The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand icon . By default, the Configuration tab is selected, which displays general information about the CPE device. This tab also displays the table of Out-of-band management tasks being performed by the orchestrator.

3. Select the Utilities tab.

   By default, the Ping tab is selected, which displays the ping utility settings.

4. In the Destination IP address field, enter the IPv4 address to which you the CPE device sends ICMP requests.
5. If you want the CPE device to send ICMP requests from a certain created network interface, in the Source interface drop-down list, select the network interface.
6. In the Count field, enter the number of ICMP requests that the CPE device sends. Range of values: 1 to 1,000,000. Default value: 5.
7. In the Timeout (sec.) field, enter the time in seconds after which the CPE device must receive an ICMP response to consider the request a success. Range of values: 1 to 3600. Default value: 2.
8. In the Size field, enter the size of the ICMP request in bytes. Range of values: 1 to 65,535. The default value is 56.
9. In the TTL field, enter the maximum number of hops for ICMP requests. Range of values: 1 to 255. Default value: 255.
10. In the Interval field, enter the interval in seconds for the CPE device to use when sending ICMP requests to the specified IPv4 address. Range of values: 1 to 300. Default value: 1.
11. Click Run.

The ping utility is run on the CPE device, and a report containing the output of the ping utility is displayed in the lower part of the settings area.

Running the traceroute utility

To run the traceroute utility:

1. In the menu, go to the SD-WAN → CPE section.

   A table of CPE devices is displayed.

2. Click the CPE device on which you want to run the traceroute utility.

   The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand icon . By default, the Configuration tab is selected, which displays general information about the CPE device. This tab also displays the table of Out-of-band management tasks being performed by the orchestrator.

3. Select the Utilities → Traceroute tab.

   The traceroute utility settings are displayed.

4. In the Destination IP address field, enter the IPv4 address to which you the CPE device sends the series of ICMP requests.
5. If you want the CPE device to send the series of ICMP requests from a certain created network interface, in the Source interface drop-down list, select the network interface.
6. If you want the CPE device to use the DNS server to resolve IP addresses to domain names when creating the report with the output of the traceroute utility, select the Resolve DNS names check box. You can specify a DNS server when creating or editing a network interface. IP addresses that cannot be resolved to domain names are also displayed in the report. This check box is cleared by default.
7. In the Probes timeout (sec.) field, enter the time in seconds after which the CPE device must receive a series of ICMP responses to consider the series of ICMP requests a success. Range of values: 1 to 30. Default value: 3.
8. In the Max hops field, enter the maximum number of hops for the series of ICMP requests. Range of values: 1 to 60. Default value: 10.
9. Click Run.

The traceroute utility is run on the CPE device, and a report containing the output of the traceroute utility is displayed in the lower part of the settings area.

Running the tcpdump utility

If you have previously run the tcpdump utility, a report file was generated with the captured traffic. When you run the utility again, that report file is overwritten. You can download the previous report file if you want to keep it.

The tcpdump utility puts additional load on the CPU of the CPE device.

To run the tcpdump utility:

1. In the menu, go to the SD-WAN → CPE section.

   A table of CPE devices is displayed.

2. Click the CPE device on which you want to run the tcpdump utility.

   The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand icon . By default, the Configuration tab is selected, which displays general information about the CPE device. This tab also displays the table of Out-of-band management tasks being performed by the orchestrator.

3. Select the Utilities → Tcpdump tab.

   The tcpdump utility settings are displayed.

4. In the Capture interface drop-down list, select the created network interface on which you want to capture traffic.
5. In the Direction drop-down list, select the direction of the traffic you want to capture:
   • in to capture incoming traffic.
   • out to capture outgoing traffic.
   • in/out to capture both incoming and outgoing traffic. Default value.
6. If you want the CPE device to use the DNS server to resolve IP addresses to domain names when creating the report file with the captured traffic, select the Resolve DNS names check box. You can specify a DNS server when creating or editing a network interface. IP addresses that cannot be resolved to domain names are also reflected in the report file. This check box is cleared by default.
7. If you want to use a filter to capture traffic, in the Capture expression (tcpdump filter format) field, enter the syntax of the filter. Maximum length: 1024 characters. For example, you can use the following filters:
   • icmp to capture only ICMP traffic packets.
   • host 1.2.3.4 and (port 80 or 443) to capture only traffic packets with IPv4 address 1.2.3.4 and source or destination TCP port 80 or 443.
   • tcp[13] & 2 != 0 to capture only TCP SYN traffic packets.

   Detailed information about traffic filters can be obtained from the official tcpdump documentation.

8. In the Maximum capture time (sec.) field, enter the time in seconds after which traffic capture stops. Range of values: 10 to 600. Default value: 30.
9. In the Max. captured packets field, enter the number of traffic packets that you want collected before traffic capture stops. Range of values: 1 to 10,000. Default value: 1000.

   Traffic capturing stops when the time specified in the Maximum capture time (sec.) field passes, or when the number of traffic packets specified in the Max. captured packets field is captured.

10. Click Run.

The tcpdump utility is run on the CPE device, and a report file with the captured traffic is generated.

Running the iperf utility

If you have already run the iperf utility, a report file was generated with network performance diagnostics results. When you run the utility again, that report file is overwritten. You can download the previous report file if you want to keep it.

To run the iperf utility:

1. In the menu, go to the SD-WAN → CPE section.

   A table of CPE devices is displayed.

2. Click the CPE device on which you want to run the iperf utility.

   The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand icon . By default, the Configuration tab is selected, which displays general information about the CPE device. This tab also displays the table of Out-of-band management tasks being performed by the orchestrator.

3. Select the Utilities → Iperf tab.

   The iperf utility settings are displayed.

4. Specify the mode in which you want to use the iperf utility on the CPE device by selecting one of the following options:
   • Server to use the CPE device as an iperf server.
   • Client to use the CPE device as an iperf client.
5. If you chose the Server option, configure the iperf server:
   1. In the Port field, enter the TCP or UDP port number of the iperf server. Range of values: 1001 to 65,535. Default value: 7777.
   2. In the Report interval (sec.) field, enter the interval in seconds for writing lines to the report file. Range of values: 0 to 60. Default value: 3.
   3. If you do not want to create a report file with network performance diagnostics results, select the Do not report check box. This check box is cleared by default.
   4. Under Report format, select the format of the network performance diagnostics results in the report file:
      • Kbit/sec (default)
      • Mbit/sec
      • Kbyte/sec
      • Mbyte/sec
   5. In the Run server for (sec.) field, enter the duration in seconds for which you want the iperf server to run. Range of values: 60 to 3600. Default value: 300.
6. If you chose the Client option, configure the iperf client:
   1. In the Server IP field, enter the IPv4 address of the iperf server to which the client connects.
   2. In the Port field, enter the TCP or UDP port number of the iperf server to which the client connects. Range of values: 1001 to 65,535. Default value: 7777.
   3. In the Report interval (sec.) field, enter the interval in seconds for writing lines to the performance diagnostics report file. Range of values: 0 to 60. Default value: 3.
   4. If you do not want to create a report file with network performance diagnostics results, select the Do not report check box. This check box is cleared by default.
   5. Under Report format, select the format of the network performance diagnostics results in the report file:
      • Kbit/sec (default)
      • Mbit/sec
      • Kbyte/sec
      • Mbyte/sec
   6. In the Run client for (sec.) field, enter the duration in seconds for which you want the iperf client to run. Range of values: 60 to 3600. Default value: 60.
   7. Specify the port type of the iperf server by selecting one of the following options:
      • TCP (default).
      • UDP
   8. In the Client bitrate field, enter the bit rate of the iperf client in one of the following formats:
      • <bit rate in kbps>k or <bit rate in kbps>K

        For example, if you enter 10000K, the bit rate is 10,000 kbps.

      • <bit rate in Mbps>m or <bit rate in Mbps>M

        For example, if you enter 10M, the bit rate is 10 Mbps.

   9. In the Test direction drop-down list, select the direction of traffic that you want to use for measuring network performance:
      • client-server to use the traffic that the iperf client sends to the server. Default value.
      • server-client to use the traffic that the iperf server sends to the client.
      • bidirectional to use traffic that the iperf client sends to the server as well as the traffic that the iperf server sends to the client.
   10. If necessary, in the TCP windows size, bytes field, enter the TCP window size in bytes. If you do not specify a value for this parameter, the TCP window size is automatically detected.
   11. If necessary, in the TCP MSS, bytes field, enter the maximum TCP segment size in bytes.
7. Click Run.

The iperf utility is run on the CPE device, and a report file with the network diagnostics results is generated.

To manage the report file, click Download results.

Running the sweep utility

You can use the sweep utility to clear the ARP cache, restart the Free Range Routing (FRR) process, and/or clear the NAT session table on a CPE device.

Restarting the FRR process and clearing the NAT session table may cause traffic transmission to stop for a few seconds.

To run the sweep utility:

1. In the menu, go to the SD-WAN → CPE section.

   A table of CPE devices is displayed.

2. Click the CPE device on which you want to run the sweep utility.

   The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand icon . By default, the Configuration tab is selected, which displays general information about the CPE device. This tab also displays the table of Out-of-band management tasks being performed by the orchestrator.

3. Select the Utilities → Sweep tab.

   The sweep utility settings are displayed.

4. If you want to clear the ARP cache:
   1. Under Clear ARP-cache on interface, select the created network interface on which you want to clear the ARP cache. If you want to clear the ARP cache on all network interfaces, select All.
   2. Click Run.

   The ARP cache is cleared on the CPE device.

5. If you want to restart the FRR process, under Restart FRR (routing) process, click Run.

   The FRR process is restarted on the CPE device.

6. If you want to clear the NAT session table, under Clear NAT sessions table, click Run. You can configure NAT on a CPE device using a firewall.

   The NAT session table is cleared on the CPE device.

Managing report files

Report files are generated from the output of the tcpdump and iperf utilities. To display the table of report files on a CPE device, go to the SD-WAN → CPE menu section, click the CPE device, and select the Utilities → Files tab. Information about report files is displayed in the following columns of the table:

• Type is the type of the report file.
• Created is the date and time when the report file was created.

The actions you can perform with the table are described in the Managing solution component tables instructions.

Downloading a report file

To download a report file:

1. In the menu, go to the SD-WAN → CPE section.

   A table of CPE devices is displayed.

2. Click the CPE device from which you want to download the report file.

   The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand icon . By default, the Configuration tab is selected, which displays general information about the CPE device. This tab also displays the table of Out-of-band management tasks being performed by the orchestrator.

3. Select the Utilities → Files tab.

   A table of report files is displayed.

4. Click Download file next to the report file that you want to download.

An TXT file is saved on your local device.

Deleting a report file

Deleted report files cannot be restored.

To delete a report file:

1. In the menu, go to the SD-WAN → CPE section.

   A table of CPE devices is displayed.

2. Click the CPE device on which you want to delete a report file.

   The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand icon . By default, the Configuration tab is selected, which displays general information about the CPE device. This tab also displays the table of Out-of-band management tasks being performed by the orchestrator.

3. Select the Utilities → Files tab.

   A table of report files is displayed.

4. Click Delete next to the report file that you want to delete.
5. In the confirmation window, click Delete.

The report file is deleted and is no longer displayed in the table.