Send netdisco-users mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.sourceforge.net/lists/listinfo/netdisco-users
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of netdisco-users digest..."
Today's Topics:
1. Netdisco2 track all devices/ports that see a certain MAC
(Glen Pill)
2. Re: Netdisco2 track all devices/ports that see a certain MAC
(Jeroen van Ingen)
3. Re: Netdisco2 track all devices/ports that see a certain MAC
(Simon Hobson)
4. Re: Netdisco2 track all devices/ports that see a certain MAC
(Oliver Gorwits)
5. Re: Netdisco2 track all devices/ports that see a certain MAC
(Glen Pill)
6. Re: Netdisco2 track all devices/ports that see a certain MAC
(Brian Marshall)
7. No nodes displayed on some Switches (Grote Frank)
--- Begin Message ---
Hi all
I've just discovered netdisco2 and I'm most impressed.
I'd like to perform a L2 traceroute but would settle for a list of all
devices and ports that can see a defined MAC address. I've been
through the web UI but can't quite get the details I want. I can find
the source port of a MAC but would rather be able to view all devices
that can see the MAC. Is there a way to perform this via Web UI or
cli?
Thanks
Glen
Sent from my iPad
--- End Message ---
--- Begin Message ---
Hi Glen,
There used to be a L2 traceroute in Netdisco, but it showed a
theoretical path trough the network based on topology data, which could
be quite different from the actual path that packets would take.
If L2 traceroute were implemented though, running a traceroute would
(again) lead you to the source of a MAC address, from a starting point
that you choose.
Getting a list of devices that "see" a MAC is currently not implemented
in Netdisco. The data that you'd need isn't stored in the DB, because
there are very few use cases for it, while actually storing that data
would make the database *a lot* bigger.
What's your use case if I may ask, what are you trying to achieve?
Perhaps it would suffice to check which devices would theoretically be
able to see a MAC, eg by listing all devices that carry the VLAN where a
given MAC is learned in? That would work as long as you don't re-use
VLAN numbers in your network and assume that all uplink and downlink
ports are configured properly.
Regards,
Jeroen van Ingen
ICT Service Centre
University of Twente, P.O.Box 217, 7500 AE Enschede, The Netherlands
Telephone +31 53 489 2526, Fax +31 53 489 2383
[email protected]; http://www.utwente.nl/icts
On 10/06/2016 12:02 AM, Glen Pill wrote:
Hi all
I've just discovered netdisco2 and I'm most impressed.
I'd like to perform a L2 traceroute but would settle for a list of all
devices and ports that can see a defined MAC address. I've been
through the web UI but can't quite get the details I want. I can find
the source port of a MAC but would rather be able to view all devices
that can see the MAC. Is there a way to perform this via Web UI or
cli?
Thanks
Glen
Sent from my iPad
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Netdisco mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/netdisco-users
--- End Message ---
--- Begin Message ---
Jeroen van Ingen <[email protected]> wrote:
> Getting a list of devices that "see" a MAC is currently not implemented
> in Netdisco. The data that you'd need isn't stored in the DB, because
> there are very few use cases for it, while actually storing that data
> would make the database *a lot* bigger.
I hacked something up a while ago with shell scripts and a MySQL database. Just
slurped the MAC tables periodically and update the database - deleting anything
older than some cutoff point. Then I did a simple CGI script to allow me to
search by MAC or switch&port to query the database.
Very "quick-n-dirty" but useful for those rare occasions when I need it - and
of course I need to understand the topology to differentiate the port where the
device is connected from the other ports where it's "remote".
> What's your use case if I may ask, what are you trying to achieve?
If it's anything like me, trying to find out where a rogue device is connected
! Or less frequently, to see where something was connected just before it
popped up where it is.
--- End Message ---
--- Begin Message ---
On 2016-10-06 11:43, Simon Hobson wrote:
Jeroen van Ingen <[email protected]> wrote:
What's your use case if I may ask, what are you trying to achieve?
If it's anything like me, trying to find out where a rogue device is
connected ! Or less frequently, to see where something was connected
just before it popped up where it is.
I seem to recall someone wrote a system to accept SNMP traps reporting
nodes connecting, and update Netdisco DB in more real-time than the
hourly polling.
This would then use the existing "archived node" feature of Netdisco so
you could see the history of where the node was connected. I have seen
organisations use this for CERT work - the database can get to millions
of rows, particularly for wireless clients, but it's very useful and
seems to work well.
I don't know how complex that was (and I suspect Netdisco is lacking a
couple of API endpoints to make this straightforward).
regards,
oliver.
--- End Message ---
--- Begin Message ---
The use case is indeed to identify a rogue host, or a switch that is
learning the MAC from the wrong location. Performing this kind of
operation by hand can be tedious at best
I do like the idea of the real-time update of MACs rather than a huge poll
every hour -- it sounds just like I want. Does anyone have more details on
this?
Glen.
On Thu, 6 Oct 2016 at 09:02 Glen Pill <[email protected]> wrote:
Hi all
I've just discovered netdisco2 and I'm most impressed.
I'd like to perform a L2 traceroute but would settle for a list of all
devices and ports that can see a defined MAC address. I've been
through the web UI but can't quite get the details I want. I can find
the source port of a MAC but would rather be able to view all devices
that can see the MAC. Is there a way to perform this via Web UI or
cli?
Thanks
Glen
Sent from my iPad
--- End Message ---
--- Begin Message ---
If your switches support it, NetFlow/SFlow is probably the "correct"
solution for this. If they do, I would suggest NFSen. It is an excellent
tool that I have used successfully for years. I have actually created an
integration plugin for NetDisco2 that I will be releasing (along with
lots of others) once I get the whole CPAN thing figured out.
There are many instances where netdisco and nfsen can compliment each
other very well, and I'm only scratching the surface with my plugin.
-Brian Marshall
On 06/10/16 05:38 AM, Glen Pill wrote:
The use case is indeed to identify a rogue host, or a switch that is
learning the MAC from the wrong location. Performing this kind of
operation by hand can be tedious at best
I do like the idea of the real-time update of MACs rather than a huge
poll every hour -- it sounds just like I want. Does anyone have more
details on this?
Glen.
On Thu, 6 Oct 2016 at 09:02 Glen Pill <[email protected]
<mailto:[email protected]>> wrote:
Hi all
I've just discovered netdisco2 and I'm most impressed.
I'd like to perform a L2 traceroute but would settle for a list of all
devices and ports that can see a defined MAC address. I've been
through the web UI but can't quite get the details I want. I can find
the source port of a MAC but would rather be able to view all devices
that can see the MAC. Is there a way to perform this via Web UI or
cli?
Thanks
Glen
Sent from my iPad
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Netdisco mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/netdisco-users
--- End Message ---
--- Begin Message ---
Hello,
I´m using netdisco for a very long time and was very satisfied with V1, but now
I have ugraded to V2 and i have some strange behaviour.
I have HP Procurve Switches (5300xl, 5400zl and some smaller models...).
On one 5300xl I see all connected nodes with mac, ip and name and on another
5300xl I don´t see any of them, not even mac address. When I do a macsuck job
in debug mode the and examine the output, there is no section "UPDATE node",
where ips, macs, vlans and ports are aet in relation.
The lines which are different to the other working switches are the following:
[14072] 2016-10-10 14:09:51 debug [192.168.99.6] macsuck - 0 updated
forwarding table entries
[14072] 2016-10-10 14:09:51 debug [192.168.99.6] macsuck - removed 0 fwd table
entries to archive
Where does this come from? There are nodes on the switch, it even doesn work
when the device is deleted and rediscovered.
Mit freundlichen Grüßen / Best regards
[TK-Logo]
Frank Grote
Systemmanagement
Teekanne GmbH & Co. KG
Telefon:
+49 211 5085 538
Telefax:
+49 211 5085 497
Mobil:
+49 171 5598102
eMail:
[email protected]
www.teekanne.de<http://www.teekanne.de/>
TEEKANNE GmbH & Co. KG Sitz: Düsseldorf, Registergericht: Düsseldorf HRA 16976
Persönlich haftender Gesellschafter: TEEKANNE Holding GmbH, Sitz: Düsseldorf,
Registergericht: Düsseldorf HRB 732
Geschäftsführer: Reinhold Schlensok
Kevelaerer Straße 21-23, 40549 Düsseldorf, Deutschland
Telefon: +49 211 5085 0, Telefax: +49 211 5048 139
________________________________
Hinweis:
Diese E-Mail kann vertrauliche und/oder rechtlich geschuetzte Informationen
enthalten. Sollten Sie nicht der richtige Adressat sein oder diese E-Mail
irrtuemlich erhalten haben, informieren Sie bitte sofort den Absender und
loeschen diese E-Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe
dieser E-Mail ist nicht gestattet. Wir haben diese E-Mail vor dem Versenden auf
Virenfreiheit geprueft. Eine Haftung fuer Schaeden durch Virenbefall schliessen
wir aus.
Advice:
This e-mail may contain confidential and/or privileged information. If you are
not the intended recipient (or have received this e-mail in error) please
notify the sender immediately and delete this e-mail. Any unauthorized copying,
disclosure or distribution of the material in this e-mail is strictly
forbidden. This e-mail was checked for known viruses before sending therefore
we assume no liability.
________________________________
Bitte denken Sie an die Auswirkungen auf die Umwelt, bevor Sie diese Email
und/oder die Anhaenge ausdrucken.
Please consider the impact on the environment before printing this e-mail
and/or the attachment(s).
--- End Message ---
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Netdisco mailing list - Digest Mode
[email protected]
https://lists.sourceforge.net/lists/listinfo/netdisco-users
