Send netdisco-users mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.sourceforge.net/lists/listinfo/netdisco-users
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of netdisco-users digest..."
Today's Topics:
1. Re: snmpV3 (Oliver Gorwits)
2. Re: Multiple interfaces on routers (Oliver Gorwits)
3. Re: Multiple interfaces on routers (Hans Erasmus)
--- Begin Message ---
Hi Jansen
Now they came with something new. All switches, routers, firewalls
should have there own SNMPv3 credentials.
In the snmp_auth (or device_auth) setting, use the "only" option to
limit one stanza/tag to each device (switch, router, etc), using the
standard ACL syntax:
https://metacpan.org/pod/release/OLIVER/App-Netdisco-2.036011/lib/App/Netdisco/Manual/Configuration.pod#snmp_auth
and
https://metacpan.org/pod/release/OLIVER/App-Netdisco-2.036011/lib/App/Netdisco/Manual/Configuration.pod#ACCESS-CONTROL-LISTS
This will allow SNMPv3 creds different on any device, or group of
devices.
I hope this helps,
regards,
Oliver.
On 2017-10-25 09:19, Palermo Jansen wrote:
Hi,
I`m using Netdisco 2.0 with great satisfaction for several years now.
Its a real stable tool and it give you lots of information as a
network Engineer.
Over the years security is gaining popularity. And most company switch
to a saver network. As-well the company where i work for.
The security advisory board had decided to switch to SNMPv3. This is
no problem, and i adjust the configuration of Netdisco.
This was a year ago.
Now they came with something new. All switches, routers, firewalls
should have there own SNMPv3 credentials.
I was thinking how to implement it in the Netdisco, But i do not have
an answer yet. Does any one have the same problem or may has a
solution?
Greetings
Palermo
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Netdisco mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/netdisco-users
--- End Message ---
--- Begin Message ---
Hi Hans
We have a new version of Netdisco on CPAN in "development/testing"
release status which has significantly rewritten device discovery and
deduplication code. If you would like to try it out:
~netdisco/bin/localenv cpanm
https://cpan.metacpan.org/authors/id/O/OL/OLIVER/App-Netdisco-2.036012_003.tar.gz
You should also run ~netdisco/bin/netdisco-deploy after, to update the
DB schema, and then restart the backend daemon.
Either remove all devices or remove duplicate devices through the Admin
menu report "Duplicate Devices". Then future discover jobs will
hopefully not throw up duplicates!
Do let me know how you get on.
regards,
oliver.
On 2017-08-22 08:26, Hans Erasmus wrote:
Oh and I should add, where this thing is really showing is in the
Network Maps (drawing of device). It will show that one router has
40 connections to the USR-BB, where in fact, it will only have one.
Regards
Hans
On Tue, 22 Aug 2017 at 09:22 Hans Erasmus <[email protected]>
wrote:
Hi Oliver
No need to apologise. This is something one of our guru's has been
seeing for the past 10 years, and his fix was to assign a type of
primary key to the device once it is discovered. I will get more
detail on it and post it if you are interested. So the behaviour
is not new, and therefore not surprising. It is just way out of my
league to even try and attempt a fix for this.
Please can you tell me what the Duplicate Devices report (in the
Adminmenu) shows? Are all the duplicates listed there?
Well, I see a lot of duplicates on this list (293 to be exact but
the discovery is still running) like our PC LAB routers which have
multiple interfaces with multiple subnets connected to it. For
instance:
1 x /27 containing the Switch IP segment (SW MGMT)
1 x /24 containing the LAB PC segment (End Users)
1 x /31 containing the Uplinks to the User Backbone
1 or 2 (sometimes more) /30 interconnects between LAB routers to
ensure redundancy (multiple paths).
Also, can you let me know why you think "practically" this is
happening?
Well, in layman's terms, what happens is that as Netdisco goes
through the network whilst discovering, it will come across an IP
of say 1.1.1.1 on a router. This IP could possibly be the
gateway for 1.1.1.0/24 [3]. Now, taking the example above, let say
this /24 is the end-user segment. This same router could possibly
contain, like in our case, a different routed segment to service the
switch segment. Let call this 1.1.2.0/27 [4]. So the router must
have 1.1.2.1 configured as the gateway so the switches knows where
to go.
Only using these two segments as an example, we can clearly see that
one router could contain two different network segments and act as a
Gateway for both, and the one segment will not necessarily know
about the other. This helps in containing outages created by loops
etc. btw. In the eyes of Netdisco, these are two totally different
devices, as these two segments do not overlap, or are not part of
one another in any shape or form. And these two segments could have
been physically living across campus from each other. So Netdisco
(and any other discoverer worth it's salt) would handle these
segments separately. It will add 1.1.1.1 as a device, and add
1.1.2.1 as a device. But in reality, it is the same device. So maybe
netdisco could, when it discovers a new segment, first inspect
whether anything on that segment has been found on any of the
already discovered device's address tables, and only append the list
on that discovered device, not add a new device, I don't know? Just
throwing out ideas here.
To answer your last question, no, we do not make use of any VRF's.
Sorry if this explanation is not explanatory enough.
Regards
Hans
On Tue, 22 Aug 2017 at 08:44 Oliver Gorwits <[email protected]> wrote:
Hi Hans
On 2017-08-22 06:40, Hans Erasmus wrote:
When a router comes up that has more than one interface (our
user
backbone has 40 x /31's), netdisco will list that device as
discovered
40 times.
We have started to look at this issue, but are being cautious in
automatically de-duplicating in case there are scenarios where
multiple
devices should remain.
Please can you tell me what the Duplicate Devices report (in the
Admin
menu) shows? Are all the duplicates listed there?
Also, can you let me know why you think "practically" this is
happening?
Finally, are you using VRFs?
Many thanks, and apologies for the hassle this is causing.
regards,
oliver.
Is there any way (a script perhaps) in which we can tell
netdisco that it is the same device all along? Maybe have
some sort
of intelligent "check" whether the device discovered has the
same name
or any other details as any of the devices in the list already,
and
then flag it and ignore it from there? Just a thought.
Regards
Hans
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot [1]
_______________________________________________
Netdisco mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/netdisco-users [2]
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot [1]
_______________________________________________
Netdisco mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/netdisco-users [2]
Links:
------
[1] http://sdm.link/slashdot
[2] https://lists.sourceforge.net/lists/listinfo/netdisco-users
[3] http://1.1.1.0/24
[4] http://1.1.2.0/27
--- End Message ---
--- Begin Message ---
Hi Oliver
Will do so on Monday. Thanks for letting me know. I will be submitting the
feature request for a Ruijie class probably withon a month or so.
Will try this and let you know!
Thanks again!
Have a nice weekend
Hans
On Sat, 09 Dec 2017, 14:31 Oliver Gorwits, <[email protected]> wrote:
> Hi Hans
>
> We have a new version of Netdisco on CPAN in "development/testing"
> release status which has significantly rewritten device discovery and
> deduplication code. If you would like to try it out:
>
> ~netdisco/bin/localenv cpanm
>
> https://cpan.metacpan.org/authors/id/O/OL/OLIVER/App-Netdisco-2.036012_003.tar.gz
>
> You should also run ~netdisco/bin/netdisco-deploy after, to update the
> DB schema, and then restart the backend daemon.
>
> Either remove all devices or remove duplicate devices through the Admin
> menu report "Duplicate Devices". Then future discover jobs will
> hopefully not throw up duplicates!
>
> Do let me know how you get on.
>
> regards,
> oliver.
>
> On 2017-08-22 08:26, Hans Erasmus wrote:
> > Oh and I should add, where this thing is really showing is in the
> > Network Maps (drawing of device). It will show that one router has
> > 40 connections to the USR-BB, where in fact, it will only have one.
> >
> > Regards
> > Hans
> >
> > On Tue, 22 Aug 2017 at 09:22 Hans Erasmus <[email protected]>
> > wrote:
> >
> >> Hi Oliver
> >>
> >> No need to apologise. This is something one of our guru's has been
> >> seeing for the past 10 years, and his fix was to assign a type of
> >> primary key to the device once it is discovered. I will get more
> >> detail on it and post it if you are interested. So the behaviour
> >> is not new, and therefore not surprising. It is just way out of my
> >> league to even try and attempt a fix for this.
> >>
> >>> Please can you tell me what the Duplicate Devices report (in the
> >> Adminmenu) shows? Are all the duplicates listed there?
> >>
> >> Well, I see a lot of duplicates on this list (293 to be exact but
> >> the discovery is still running) like our PC LAB routers which have
> >> multiple interfaces with multiple subnets connected to it. For
> >> instance:
> >>
> >> 1 x /27 containing the Switch IP segment (SW MGMT)
> >> 1 x /24 containing the LAB PC segment (End Users)
> >> 1 x /31 containing the Uplinks to the User Backbone
> >> 1 or 2 (sometimes more) /30 interconnects between LAB routers to
> >> ensure redundancy (multiple paths).
> >>
> >>> Also, can you let me know why you think "practically" this is
> >> happening?
> >>
> >> Well, in layman's terms, what happens is that as Netdisco goes
> >> through the network whilst discovering, it will come across an IP
> >> of say 1.1.1.1 on a router. This IP could possibly be the
> >> gateway for 1.1.1.0/24 [3]. Now, taking the example above, let say
> >> this /24 is the end-user segment. This same router could possibly
> >> contain, like in our case, a different routed segment to service the
> >> switch segment. Let call this 1.1.2.0/27 [4]. So the router must
> >> have 1.1.2.1 configured as the gateway so the switches knows where
> >> to go.
> >> Only using these two segments as an example, we can clearly see that
> >> one router could contain two different network segments and act as a
> >> Gateway for both, and the one segment will not necessarily know
> >> about the other. This helps in containing outages created by loops
> >> etc. btw. In the eyes of Netdisco, these are two totally different
> >> devices, as these two segments do not overlap, or are not part of
> >> one another in any shape or form. And these two segments could have
> >> been physically living across campus from each other. So Netdisco
> >> (and any other discoverer worth it's salt) would handle these
> >> segments separately. It will add 1.1.1.1 as a device, and add
> >> 1.1.2.1 as a device. But in reality, it is the same device. So maybe
> >> netdisco could, when it discovers a new segment, first inspect
> >> whether anything on that segment has been found on any of the
> >> already discovered device's address tables, and only append the list
> >> on that discovered device, not add a new device, I don't know? Just
> >> throwing out ideas here.
> >>
> >> To answer your last question, no, we do not make use of any VRF's.
> >>
> >> Sorry if this explanation is not explanatory enough.
> >>
> >> Regards
> >>
> >> Hans
> >>
> >> On Tue, 22 Aug 2017 at 08:44 Oliver Gorwits <[email protected]> wrote:
> >>
> >>> Hi Hans
> >>>
> >>> On 2017-08-22 06:40, Hans Erasmus wrote:
> >>>> When a router comes up that has more than one interface (our
> >>> user
> >>>> backbone has 40 x /31's), netdisco will list that device as
> >>> discovered
> >>>> 40 times.
> >>>
> >>> We have started to look at this issue, but are being cautious in
> >>> automatically de-duplicating in case there are scenarios where
> >>> multiple
> >>> devices should remain.
> >>>
> >>> Please can you tell me what the Duplicate Devices report (in the
> >>> Admin
> >>> menu) shows? Are all the duplicates listed there?
> >>>
> >>> Also, can you let me know why you think "practically" this is
> >>> happening?
> >>>
> >>> Finally, are you using VRFs?
> >>>
> >>> Many thanks, and apologies for the hassle this is causing.
> >>>
> >>> regards,
> >>> oliver.
> >>>
> >>>> Is there any way (a script perhaps) in which we can tell
> >>>> netdisco that it is the same device all along? Maybe have
> >>> some sort
> >>>> of intelligent "check" whether the device discovered has the
> >>> same name
> >>>> or any other details as any of the devices in the list already,
> >>> and
> >>>> then flag it and ignore it from there? Just a thought.
> >>>>
> >>>> Regards
> >>>>
> >>>> Hans
> >>>>
> >>>
> >>
> >
> ------------------------------------------------------------------------------
> >>>> Check out the vibrant tech community on one of the world's most
> >>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot [1]
> >>>>
> >>>> _______________________________________________
> >>>> Netdisco mailing list
> >>>> [email protected]
> >>>> https://lists.sourceforge.net/lists/listinfo/netdisco-users [2]
> >>>
> >>>
> >>
> >
> ------------------------------------------------------------------------------
> >>> Check out the vibrant tech community on one of the world's most
> >>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot [1]
> >>> _______________________________________________
> >>> Netdisco mailing list
> >>> [email protected]
> >>> https://lists.sourceforge.net/lists/listinfo/netdisco-users [2]
> >
> >
> > Links:
> > ------
> > [1] http://sdm.link/slashdot
> > [2] https://lists.sourceforge.net/lists/listinfo/netdisco-users
> > [3] http://1.1.1.0/24
> > [4] http://1.1.2.0/27
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Netdisco mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/netdisco-users
>
--- End Message ---
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Netdisco mailing list - Digest Mode
[email protected]
https://lists.sourceforge.net/lists/listinfo/netdisco-users
