On Mon, 5 Feb 2007, Dan Oetting wrote:
> On Jan 19, 2007, at 5:02 AM, Peder Magne Sefland wrote: > > >We use DHCP and I would like to get an sms-message when this > >mac-address enter the network. Can this be done today? > > On a small scale such as having only 1 MAC address that you need to catch, you > could configure your DHCP servers to assign this MAC a specific IP. > > With the suspect confined to a known set of IP addresses you could also setup > a sniffer on the external routes to capture all traffic from those IPs to see > for yourself if there is abuse. > > I am surprised that switches can't generate an SNMP trap whenever a new MAC > address is added to it's routing tables. You probably mean bridge table, anyway, are you sure? For Cisco I've read that you can do this: "You can generate SNMP traps whenever a MAC address change occurs by enabling the set snmp trap enable macnotification command in conjunction with enabling the set cam notification and set cam notification historysize commands." I haven't tested it yet, maybe someone out there has? We have SNMP trap on TODO for NAV 3.3, we are thinking of an implementation that can trigger certain scripts on a given snmp trap oid. We see to very interesting use cases: * when linkdown/up trap is detected update the cooresponding link value in the swport/gwport database table. * when a new mac address is seen/gone trigger a script that opens/closes corresponding machine tracker records (cam table). This script could also post alarms regarding wanted mac addresses. - Vidar _______________________________________________ nav-users mailing list [email protected] http://mailman.itea.ntnu.no/mailman/listinfo/nav-users
