Send netdisco-users mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.sourceforge.net/lists/listinfo/netdisco-users
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of netdisco-users digest..."
Today's Topics:
1. Netdisco 2 questions (Jeremy Bresley)
2. Re: Netdisco 2 questions (Michael Butash)
3. Service-provider setup / overlapping IP ranges (Charles Bueche)
4. Re: Service-provider setup / overlapping IP ranges (Simon Hobson)
5. Re: Service-provider setup / overlapping IP ranges
(Michael Butash)
6. Re: Service-provider setup / overlapping IP ranges
(Oliver Gorwits)
7. Re: Service-provider setup / overlapping IP ranges (Mark Cooper)
--- Begin Message ---
Got a new server in to replace our old Netdisco one, and I've gotten
Netdisco2 up and running on it to see if I want to make the jump to the
new version now or hold off for a while yet.
Couple questions for the group that came up while I'm getting everything
setup.
1. netdisco -F flag doesn't seem to be available in Netdisco 2, is
there an easy way to do a bulk discovery in Netdisco2?
2. User management. If you login as a user, doesn't seem to be any way
short of completely closing the browser to logout. Is this on the list
for a future release/feature request?
3. I've got about 120-150 users configured with local passwords on my
Netdisco 1 install. Is there a way to bulk add users and set them to
LDAP access in Netdisco 2?
Thanks for any pointers on these. I've looked through the docs I can
find, but Netdisco 2 docs seem to be harder to come by than Netdisco 1 docs.
Jeremy "TheBrez" Bresley
[email protected]
--- End Message ---
--- Begin Message ---
It would be useful to use some kind of enumeration in ldap to match
security group membership for authorization purposes, allowing role mapping
capability (group,group=role). Adding local users is a pain - have you
considered this for implementation at some point to remove local user
creation and make it more dynamic? Consider kerberos too as this is used a
lot for file-system access (ie. likewise, centrify).
Sadly windoze is still largely the source of truth for user accounts.
-mb
On November 27, 2013 9:22:32 PM Jeremy Bresley <[email protected]> wrote:
Got a new server in to replace our old Netdisco one, and I've gotten
Netdisco2 up and running on it to see if I want to make the jump to the new
version now or hold off for a while yet.
Couple questions for the group that came up while I'm getting everything setup.
1. netdisco -F flag doesn't seem to be available in Netdisco 2, is there
an easy way to do a bulk discovery in Netdisco2?
2. User management. If you login as a user, doesn't seem to be any way
short of completely closing the browser to logout. Is this on the list for
a future release/feature request?
3. I've got about 120-150 users configured with local passwords on my
Netdisco 1 install. Is there a way to bulk add users and set them to LDAP
access in Netdisco 2?
Thanks for any pointers on these. I've looked through the docs I can find,
but Netdisco 2 docs seem to be harder to come by than Netdisco 1 docs.
Jeremy "TheBrez" Bresley
[email protected]
------------------------------------------------------------------------------
Rapidly troubleshoot problems before they affect your business. Most IT
organizations don't have a clear picture of how application performance
affects their revenue. With AppDynamics, you get 100% visibility into your
Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro!
http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
_______________________________________________
Netdisco mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/netdisco-users
--- End Message ---
--- Begin Message ---
Dear Netdisco fellows,
I'm using Netdisco 1.x in an "enterprise" network, where every IP is
guaranteed to be unique, and all is well. We have developed a very
customized front-end, using Netdisco database as one of the back-end.
Now I have a request to use Netdisco in a service-provider setup, where
we have conflicting / overlapping IP ranges. The idea is to use a
central NAT to reach all customer devices, so each IP is unique on the
NMS side, but obviously not unique on the customer switches and routers,
and certainly not on the customer nodes.
Our other NMS tools can live with this way of work, because they don't
collect IP information from customer-devices, or when they do, it's an
attribute that is stored locally to the device info, and never used as
primary key in a database.
I have seen that Netdisco uses the IP everywhere, and that in its
version 1.x, it will not be usable for my service-provider setup. Is
there a plan to enhance this, eg segregate the records using another
indexing system, or a "customer" attribute to the DB tables, or anything
fancy in that direction ?
Having multiple Netdisco instances is not an option, this does not scale
well, is expensive, and hard to maintain. So I will need to search for
alternatives, or develop something that fit, our extend Netdisco.
Opinions, ideas, links are all welcome :-)
Best regards,
Charles
--- End Message ---
--- Begin Message ---
Charles Bueche wrote:
>Now I have a request to use Netdisco in a service-provider setup, where
>we have conflicting / overlapping IP ranges. The idea is to use a
>central NAT to reach all customer devices, so each IP is unique on the
>NMS side, but obviously not unique on the customer switches and routers,
>and certainly not on the customer nodes.
The short and probably not very helpful answer is that NetDisco isn't designed
to work on broken networks. NAT and non-unique IPs == broken network as far as
IP addressing is concerned.
The perhaps less unhelpful answer is that I suspect you'll have to hack the
system yourself. My first thought is that you'd need to extend the IP address,
perhaps prepending it with a site-ID to make it unique.
--- End Message ---
--- Begin Message ---
The perception may be that they're "broken", but it's the reality that
networks are built like this now. We do things like anycasting, complex
identity nat, L3 mpls, overlapping 1918 space, etc, and simply put, nothing
commercial or oss knows what to make of our network topologically speaking.
Consider a network like AT&T that may transport thousands of 10/8 prefixes
non-uniquely in disparate vrfs, it would be prudent to embrace
contextualizing of address families in the long-term, even if just
defaulting to "global" for now.
We've been talking to a number of commercial monitoring solutions lately
that claim topology mapping, and reality is no one still has figured out
things like vrf and nat. We're making purchasing contingent (hopefully) on
them working with us to figure something out to deal with these challenges too.
-mb
On November 28, 2013 5:33:38 AM "Simon Hobson" <[email protected]> wrote:
Charles Bueche wrote:
>Now I have a request to use Netdisco in a service-provider setup, where
>we have conflicting / overlapping IP ranges. The idea is to use a
>central NAT to reach all customer devices, so each IP is unique on the
>NMS side, but obviously not unique on the customer switches and routers,
>and certainly not on the customer nodes.
The short and probably not very helpful answer is that NetDisco isn't
designed to work on broken networks. NAT and non-unique IPs == broken
network as far as IP addressing is concerned.
The perhaps less unhelpful answer is that I suspect you'll have to hack the
system yourself. My first thought is that you'd need to extend the IP
address, perhaps prepending it with a site-ID to make it unique.
------------------------------------------------------------------------------
Rapidly troubleshoot problems before they affect your business. Most IT
organizations don't have a clear picture of how application performance
affects their revenue. With AppDynamics, you get 100% visibility into your
Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro!
http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
_______________________________________________
Netdisco mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/netdisco-users
--- End Message ---
--- Begin Message ---
On 2013-11-28 16:42, Michael Butash wrote:
The perception may be that they're "broken", but it's the reality
that
networks are built like this now. We do things like anycasting,
complex
identity nat, L3 mpls, overlapping 1918 space, etc, and simply put,
nothing
commercial or oss knows what to make of our network topologically
speaking.
Consider a network like AT&T that may transport thousands of 10/8
prefixes
non-uniquely in disparate vrfs, it would be prudent to embrace
contextualizing of address families in the long-term, even if just
defaulting to "global" for now.
I (and many others) would dearly love to see support for these features
in Netdisco. I think it will happen one day, but the database schema
changes required might make it something for Netidsco 3.
My mental roadmap is to get Netdisco 2 up to scratch (big thanks to all
helping with reports and patches), and then to start looking at
implementing just these kinds of features. I certainly don't think any
of it is impossible.
regards,
oliver.
We've been talking to a number of commercial monitoring solutions
lately
that claim topology mapping, and reality is no one still has figured
out
things like vrf and nat. We're making purchasing contingent
(hopefully) on
them working with us to figure something out to deal with these
challenges too.
-mb
On November 28, 2013 5:33:38 AM "Simon Hobson"
<[email protected]> wrote:
Charles Bueche wrote:
>Now I have a request to use Netdisco in a service-provider setup,
where
>we have conflicting / overlapping IP ranges. The idea is to use a
>central NAT to reach all customer devices, so each IP is unique on
the
>NMS side, but obviously not unique on the customer switches and
routers,
>and certainly not on the customer nodes.
The short and probably not very helpful answer is that NetDisco
isn't
designed to work on broken networks. NAT and non-unique IPs ==
broken
network as far as IP addressing is concerned.
The perhaps less unhelpful answer is that I suspect you'll have to
hack the
system yourself. My first thought is that you'd need to extend the
IP
address, perhaps prepending it with a site-ID to make it unique.
------------------------------------------------------------------------------
Rapidly troubleshoot problems before they affect your business. Most
IT
organizations don't have a clear picture of how application
performance
affects their revenue. With AppDynamics, you get 100% visibility
into your
Java,.NET, & PHP application. Start your 15-day FREE TRIAL of
AppDynamics Pro!
http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
_______________________________________________
Netdisco mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/netdisco-users
------------------------------------------------------------------------------
Rapidly troubleshoot problems before they affect your business. Most
IT
organizations don't have a clear picture of how application
performance
affects their revenue. With AppDynamics, you get 100% visibility into
your
Java,.NET, & PHP application. Start your 15-day FREE TRIAL of
AppDynamics Pro!
http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
_______________________________________________
Netdisco mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/netdisco-users
--- End Message ---
--- Begin Message ---
I'm thinking that it may be a combination of SNMP pulls and an SSH session
to parse output from some show commands when it comes to the VRF thing. I
build and run those sort of networks for multiple customers (the multi-VRF
implementations).
What else comes to mind, are some of the TCL scripts I used to write and run
on routers; some of them were specifically to craft output from multiple
show commands and then printf them into only the bits I wanted/needed to
show. We could do a similar thing here and have the TCL script installed on
the routers (and alias the command to run the TCL script). Then we get the
specific output we want to parse for the netdisco script to load the DB.
I don't think I'll have any real time to try this out over the holidays, but
starting next year I think I may have some time to put to it. Or if someone
else on this list has the time and knows enough about TCL scripting, they
could maybe work towards that. Could be a stop gap until netdisco3 comes
along.
May look something like, sh ip vrf, parse the interfaces involved, check
that against SNMP interfaces, segregate the topo map building into the VRF's
that were listed. So you use the VRFs to make labels to know which one is
which. I also suspect you'd want a user defined label to match those rd's
in case the VRF name (and rd's) are different across the network. You may
have to also parse a sh ip route vrf XXX to know what maps to what across
the network as you will not be able to obtain what the layer2 hops are in
the MPLS cloud. This could lead to confusion in the logic for building the
map.
It all depends on how different the rd's and VRFs are across the cloud from
one another. If it is seemingly flat, then it's no big deal, if they allow
other rd's to comingle with one another on the other side of the cloud
you'll only really discover what's going on via a sh ip route and matching
subnets/interfaces to one another per hop. I think it's the only way you
can be sure. Others here may already have this expertise and could better
elaborate.
But if I can help in building the piece that runs on the router and
generates output in a standard way that netdisco could then parse out, then
I'm all for helping out. Let me know what we think we want and the format
of it and it can be done.
Thanks,
Mark Cooper
Cooper's Communications
864-four oh four-0662 (Cell)
mark {at} coopscommo.com
-----Original Message-----
From: Oliver Gorwits [mailto:[email protected]]
Sent: Thursday, November 28, 2013 6:18 PM
To: [email protected]
Subject: Re: [Netdisco] Service-provider setup / overlapping IP ranges
On 2013-11-28 16:42, Michael Butash wrote:
> The perception may be that they're "broken", but it's the reality that
> networks are built like this now. We do things like anycasting,
> complex identity nat, L3 mpls, overlapping 1918 space, etc, and simply
> put, nothing commercial or oss knows what to make of our network
> topologically speaking.
> Consider a network like AT&T that may transport thousands of 10/8
> prefixes non-uniquely in disparate vrfs, it would be prudent to
> embrace contextualizing of address families in the long-term, even if
> just defaulting to "global" for now.
I (and many others) would dearly love to see support for these features in
Netdisco. I think it will happen one day, but the database schema changes
required might make it something for Netidsco 3.
My mental roadmap is to get Netdisco 2 up to scratch (big thanks to all
helping with reports and patches), and then to start looking at implementing
just these kinds of features. I certainly don't think any of it is
impossible.
regards,
oliver.
> We've been talking to a number of commercial monitoring solutions
> lately that claim topology mapping, and reality is no one still has
> figured out things like vrf and nat. We're making purchasing
> contingent
> (hopefully) on
> them working with us to figure something out to deal with these
> challenges too.
>
> -mb
>
>
> On November 28, 2013 5:33:38 AM "Simon Hobson"
> <[email protected]> wrote:
>> Charles Bueche wrote:
>> >Now I have a request to use Netdisco in a service-provider setup,
>> where
>> >we have conflicting / overlapping IP ranges. The idea is to use a
>> >central NAT to reach all customer devices, so each IP is unique on
>> the
>> >NMS side, but obviously not unique on the customer switches and
>> routers,
>> >and certainly not on the customer nodes.
>>
>> The short and probably not very helpful answer is that NetDisco isn't
>> designed to work on broken networks. NAT and non-unique IPs == broken
>> network as far as IP addressing is concerned.
>>
>> The perhaps less unhelpful answer is that I suspect you'll have to
>> hack the system yourself. My first thought is that you'd need to
>> extend the IP address, perhaps prepending it with a site-ID to make
>> it unique.
>>
>>
>> ---------------------------------------------------------------------
>> --------- Rapidly troubleshoot problems before they affect your
>> business. Most IT organizations don't have a clear picture of how
>> application performance affects their revenue. With AppDynamics, you
>> get 100% visibility into your Java,.NET, & PHP application. Start
>> your 15-day FREE TRIAL of AppDynamics Pro!
>>
>> http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.
>> clktrk _______________________________________________
>> Netdisco mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/netdisco-users
>>
>
>
>
>
> ----------------------------------------------------------------------
> -------- Rapidly troubleshoot problems before they affect your
> business. Most IT organizations don't have a clear picture of how
> application performance affects their revenue. With AppDynamics, you
> get 100% visibility into your Java,.NET, & PHP application. Start your
> 15-day FREE TRIAL of AppDynamics Pro!
>
> http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.c
> lktrk _______________________________________________
> Netdisco mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/netdisco-users
----------------------------------------------------------------------------
--
Rapidly troubleshoot problems before they affect your business. Most IT
organizations don't have a clear picture of how application performance
affects their revenue. With AppDynamics, you get 100% visibility into your
Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics
Pro!
http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
_______________________________________________
Netdisco mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/netdisco-users
--- End Message ---
------------------------------------------------------------------------------
Rapidly troubleshoot problems before they affect your business. Most IT
organizations don't have a clear picture of how application performance
affects their revenue. With AppDynamics, you get 100% visibility into your
Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro!
http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
_______________________________________________
Netdisco mailing list - Digest Mode
[email protected]
https://lists.sourceforge.net/lists/listinfo/netdisco-users
