Send netdisco-users mailing list submissions to
netdisco-users@lists.sourceforge.net
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.sourceforge.net/lists/listinfo/netdisco-users
or, via email, send a message with subject or body 'help' to
netdisco-users-requ...@lists.sourceforge.net
You can reach the person managing the list at
netdisco-users-ow...@lists.sourceforge.net
When replying, please edit your Subject line so it is more specific
than "Re: Contents of netdisco-users digest..."
Today's Topics:
1. Re: ARP matching for netdisco (Christian Ramseyer)
2. Re: ARP matching for netdisco (n...@erudicon.com)
--- Begin Message ---
Hi Muris
On 25.07.2024 06:27, Muris wrote:
Hey all,
Ive picked up another issue ive come across in relation to arpnip’s and
netdisco picking up for matching to mac addresses
* Ive found on ArubaOS controllers this does not work, and gets 0 arps
and ive seen it on a couple of Aruba switches or two. This is
running the netdisco-do arpnip function when I look at the output.
* Ive also noticed on Cisco SDWAN platform using Cisco ISR 1127/1131
which has VRF’s on a router it also doesn’t appear to match arps to
macs probably because it has VRFs?
I tried to use the SSH script in this instance but still didn’t work.
The routers I have are running IOS XE, which doesn’t seem to work with
the SSH collector, as that only has IOS and IOSXR
1) I wanted to ask, is there a troubleshooting method for arps
retrieval, and what part of code handles the arp matching?
> 3) What part of the code in netdisco looks at arp retrieval and then
> storing it into the db into particular method? Is there something that
> can be tweaked how it interprets the data, say for a Aruba Controller,
> or a Cisco router with vrfs etc
For 1 + 3 I use something like this:
Run netdisco-do arpnip on the commandline with debugging flags:
-D (always, general debugging)
-SI (snmp OIDs + snmp info layer)
-Q (DB queries, ignore unless you suspect a db issue)
e.g. "netdisco-do -DIS -d lab2-ce2 arpnip"
To see whats going wrong it's very helpful to compare a device with the
expected outcome to the one where stuff doesn't work.
From the debugging you can tell which OIDs are used, whether they send
back a response etc. I often also just forget about netdisco and try to
get what I need with regular snmpwalk/get, then figure out where the
mismatch is. Or conclude that the device does not have the data at all.
If you grep around in the code for strings appearing in the debug output
it's easy to find where stuff happens, e.g (shortened):
$ shopt -s globstar
$ egrep '(store_arp|processed.*ARP Cache)' **/* 2>/dev/null
lib/App/Netdisco/Util/Node.pm:=head2 store_arp( \%host, $now?, $device_ip )
lib/App/Netdisco/Util/Node.pm:sub store_arp {
lib/App/Netdisco/Util/Node.pm: debug sprintf 'store_arp - device %s mac
%s ip %s',
lib/App/Netdisco/Worker/Plugin/Arpnip/Nodes.pm:use
App::Netdisco::Util::Node qw/che
lib/App/Netdisco/Worker/Plugin/Arpnip/Nodes.pm: store_arp(\%$_, $now,
$device->ip)
Then just start hacking around in there until it works :)
2) What if I have a IOS XE router with vrf’s is it able to retrieve IP
to mac mappings? If I can do a “show arp vrf 2000” this shows the list,
but how do I make that available into netdisco?
I actually just tried this on regular IOS-XE and I seem to get all VRFs
from the regular SNMP method, e.g.:
# show version
Cisco IOS XE Software, Version 17.09.03a
Cisco IOS Software [Cupertino], ISR Software
(X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 17.9.3a, RELEASE SOFTWARE (fc2)
cisco ISR4331/K9
lab2-CE2#show vrf
Name Default RD Protocols
Interfaces
Mgmt-intf <not set> ipv4,ipv6 Gi0
VPRN-KTV1 65126:20923 ipv4,ipv6 Lo1
Gi0/0/0
Gi0/0/2.3811
lab2-CE2#show ip arp
lab2-CE2#show ip arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.18.220.233 89 4055.82a1.xxxx ARPA
GigabitEthernet0/0/2.3899
Internet 10.18.220.234 94 147b.ac00.xxxx ARPA
GigabitEthernet0/0/2.3899
Internet 10.18.220.238 - 70d3.791a.xxxx ARPA
GigabitEthernet0/0/2.3899
lab2-CE2#
lab2-CE2#show ip arp vrf VPRN-KTV1
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.18.199.129 89 4055.82a1.xxxx ARPA
GigabitEthernet0/0/2.3811
Internet 10.18.199.130 90 147b.ac00.xxxx ARPA
GigabitEthernet0/0/2.3811
Internet 10.18.199.134 - 70d3.791a.xxxx ARPA
GigabitEthernet0/0/2.3811
Internet 10.30.194.49 - 70d3.791a.xxxx ARPA
GigabitEthernet0/0/0
Internet 10.30.194.50 0 001c.7fa3.xxxx ARPA
GigabitEthernet0/0/0
lab2-CE2#
netdisco-do -D -d lab2-ce2 arpnip
...
[13904] 2024-07-26 15:24:42 debug => running workers for phase: store
[13904] 2024-07-26 15:24:42 debug -> run worker store/0 "arpnip::nodes"
[13904] 2024-07-26 15:24:42 debug resolving 8 ARP entries with max 50
outstanding requests
[13904] 2024-07-26 15:24:42 debug store_arp - device 10.18.165.188 mac
40:55:82:a1:xx:xx ip 10.18.220.233
[13904] 2024-07-26 15:24:42 debug store_arp - device 10.18.165.188 mac
14:7b:ac:00:xx:xx ip 10.18.199.130
[13904] 2024-07-26 15:24:42 debug store_arp - device 10.18.165.188 mac
70:d3:79:1a:xx:xx ip 10.30.194.49
[13904] 2024-07-26 15:24:42 debug store_arp - device 10.18.165.188 mac
14:7b:ac:00:xx:xx ip 10.18.220.234
[13904] 2024-07-26 15:24:42 debug store_arp - device 10.18.165.188 mac
40:55:82:a1:xx:xx ip 10.18.199.129
[13904] 2024-07-26 15:24:42 debug store_arp - device 10.18.165.188 mac
00:1c:7f:a3:xx:xx ip 10.30.194.50
[13904] 2024-07-26 15:24:42 debug store_arp - device 10.18.165.188 mac
70:d3:79:1a:xx:xx ip 10.18.220.238
[13904] 2024-07-26 15:24:42 debug store_arp - device 10.18.165.188 mac
70:d3:79:1a:xx:xx ip 10.18.199.134
[13904] 2024-07-26 15:24:42 debug [10.18.165.188] arpnip - processed 8
ARP Cache entries
[13904] 2024-07-26 15:24:42 debug [10.18.165.188] arpnip - processed 0
IPv6 Neighbor Cache entries
So I suspect the trouble is related to the SDWAN features or a specific
release?
Generally the more virutalization and software defined doohickeys a
platform has the less likely it is to cough up all arp entries via SNMP.
If you need to make an SSH Collector for IOS-XE SDWAN, you best figure
out first what commands are needed, then copy an existing one an make it
work. Many already do something like enumerate all contexts/vrf/vdoms
and then run commands for each, you can look at e.g. CPVSX, ASAContext
or FortiOS.
Good luck
Christian
Sorry if its been asked before .. but im finding lately due to the
environment getting complex I wouldn’t mind how the whole arp storing
works and getting more things to work better .
Muris
_______________________________________________
Netdisco mailing list
netdisco-users@lists.sourceforge.net
https://sourceforge.net/p/netdisco/mailman/netdisco-users/
--
Christian Ramseyer, netnea ag
Network Management. Security. OpenSource.
https://www.netnea.com
Phone: +41 79 644 77 64
--- End Message ---
--- Begin Message ---
I don’t the Aruba stuff has been updated since ArubaOS 6.X (Aruba is currently
pushing customers from version 8 to 10 which has the control plane in the cloud
).
Neil
On Fri, Jul 26, 2024, at 11:03 AM, Christian Ramseyer wrote:
> Hi Muris
>
> On 25.07.2024 06:27, Muris wrote:
> > Hey all,
> >
> > Ive picked up another issue ive come across in relation to arpnip’s and
> > netdisco picking up for matching to mac addresses
> >
> > * Ive found on ArubaOS controllers this does not work, and gets 0 arps
> > and ive seen it on a couple of Aruba switches or two. This is
> > running the netdisco-do arpnip function when I look at the output.
> > * Ive also noticed on Cisco SDWAN platform using Cisco ISR 1127/1131
> > which has VRF’s on a router it also doesn’t appear to match arps to
> > macs probably because it has VRFs?
> >
> > I tried to use the SSH script in this instance but still didn’t work.
> > The routers I have are running IOS XE, which doesn’t seem to work with
> > the SSH collector, as that only has IOS and IOSXR
> >
> > 1) I wanted to ask, is there a troubleshooting method for arps
> > retrieval, and what part of code handles the arp matching?
> > 3) What part of the code in netdisco looks at arp retrieval and then
> > storing it into the db into particular method? Is there something that
> > can be tweaked how it interprets the data, say for a Aruba Controller,
> > or a Cisco router with vrfs etc
>
>
> For 1 + 3 I use something like this:
>
> Run netdisco-do arpnip on the commandline with debugging flags:
>
> -D (always, general debugging)
> -SI (snmp OIDs + snmp info layer)
> -Q (DB queries, ignore unless you suspect a db issue)
>
> e.g. "netdisco-do -DIS -d lab2-ce2 arpnip"
>
> To see whats going wrong it's very helpful to compare a device with the
> expected outcome to the one where stuff doesn't work.
>
> From the debugging you can tell which OIDs are used, whether they send
> back a response etc. I often also just forget about netdisco and try to
> get what I need with regular snmpwalk/get, then figure out where the
> mismatch is. Or conclude that the device does not have the data at all.
>
> If you grep around in the code for strings appearing in the debug output
> it's easy to find where stuff happens, e.g (shortened):
>
> $ shopt -s globstar
> $ egrep '(store_arp|processed.*ARP Cache)' **/* 2>/dev/null
>
> lib/App/Netdisco/Util/Node.pm:=head2 store_arp( \%host, $now?, $device_ip )
> lib/App/Netdisco/Util/Node.pm:sub store_arp {
> lib/App/Netdisco/Util/Node.pm: debug sprintf 'store_arp - device %s mac
> %s ip %s',
> lib/App/Netdisco/Worker/Plugin/Arpnip/Nodes.pm:use
> App::Netdisco::Util::Node qw/che
> lib/App/Netdisco/Worker/Plugin/Arpnip/Nodes.pm: store_arp(\%$_, $now,
> $device->ip)
>
>
> Then just start hacking around in there until it works :)
>
>
>
>
> >
> > 2) What if I have a IOS XE router with vrf’s is it able to retrieve IP
> > to mac mappings? If I can do a “show arp vrf 2000” this shows the list,
> > but how do I make that available into netdisco?
> >
>
> I actually just tried this on regular IOS-XE and I seem to get all VRFs
> from the regular SNMP method, e.g.:
>
>
> # show version
>
> Cisco IOS XE Software, Version 17.09.03a
> Cisco IOS Software [Cupertino], ISR Software
> (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 17.9.3a, RELEASE SOFTWARE (fc2)
> cisco ISR4331/K9
>
>
> lab2-CE2#show vrf
> Name Default RD Protocols
> Interfaces
> Mgmt-intf <not set> ipv4,ipv6 Gi0
> VPRN-KTV1 65126:20923 ipv4,ipv6 Lo1
>
> Gi0/0/0
>
> Gi0/0/2.3811
> lab2-CE2#show ip arp
> lab2-CE2#show ip arp
> Protocol Address Age (min) Hardware Addr Type Interface
> Internet 10.18.220.233 89 4055.82a1.xxxx ARPA
> GigabitEthernet0/0/2.3899
> Internet 10.18.220.234 94 147b.ac00.xxxx ARPA
> GigabitEthernet0/0/2.3899
> Internet 10.18.220.238 - 70d3.791a.xxxx ARPA
> GigabitEthernet0/0/2.3899
> lab2-CE2#
> lab2-CE2#show ip arp vrf VPRN-KTV1
> Protocol Address Age (min) Hardware Addr Type Interface
> Internet 10.18.199.129 89 4055.82a1.xxxx ARPA
> GigabitEthernet0/0/2.3811
> Internet 10.18.199.130 90 147b.ac00.xxxx ARPA
> GigabitEthernet0/0/2.3811
> Internet 10.18.199.134 - 70d3.791a.xxxx ARPA
> GigabitEthernet0/0/2.3811
> Internet 10.30.194.49 - 70d3.791a.xxxx ARPA
> GigabitEthernet0/0/0
> Internet 10.30.194.50 0 001c.7fa3.xxxx ARPA
> GigabitEthernet0/0/0
> lab2-CE2#
>
>
> netdisco-do -D -d lab2-ce2 arpnip
> ...
> [13904] 2024-07-26 15:24:42 debug => running workers for phase: store
> [13904] 2024-07-26 15:24:42 debug -> run worker store/0 "arpnip::nodes"
> [13904] 2024-07-26 15:24:42 debug resolving 8 ARP entries with max 50
> outstanding requests
> [13904] 2024-07-26 15:24:42 debug store_arp - device 10.18.165.188 mac
> 40:55:82:a1:xx:xx ip 10.18.220.233
> [13904] 2024-07-26 15:24:42 debug store_arp - device 10.18.165.188 mac
> 14:7b:ac:00:xx:xx ip 10.18.199.130
> [13904] 2024-07-26 15:24:42 debug store_arp - device 10.18.165.188 mac
> 70:d3:79:1a:xx:xx ip 10.30.194.49
> [13904] 2024-07-26 15:24:42 debug store_arp - device 10.18.165.188 mac
> 14:7b:ac:00:xx:xx ip 10.18.220.234
> [13904] 2024-07-26 15:24:42 debug store_arp - device 10.18.165.188 mac
> 40:55:82:a1:xx:xx ip 10.18.199.129
> [13904] 2024-07-26 15:24:42 debug store_arp - device 10.18.165.188 mac
> 00:1c:7f:a3:xx:xx ip 10.30.194.50
> [13904] 2024-07-26 15:24:42 debug store_arp - device 10.18.165.188 mac
> 70:d3:79:1a:xx:xx ip 10.18.220.238
> [13904] 2024-07-26 15:24:42 debug store_arp - device 10.18.165.188 mac
> 70:d3:79:1a:xx:xx ip 10.18.199.134
> [13904] 2024-07-26 15:24:42 debug [10.18.165.188] arpnip - processed 8
> ARP Cache entries
> [13904] 2024-07-26 15:24:42 debug [10.18.165.188] arpnip - processed 0
> IPv6 Neighbor Cache entries
>
>
> So I suspect the trouble is related to the SDWAN features or a specific
> release?
>
> Generally the more virutalization and software defined doohickeys a
> platform has the less likely it is to cough up all arp entries via SNMP.
> If you need to make an SSH Collector for IOS-XE SDWAN, you best figure
> out first what commands are needed, then copy an existing one an make it
> work. Many already do something like enumerate all contexts/vrf/vdoms
> and then run commands for each, you can look at e.g. CPVSX, ASAContext
> or FortiOS.
>
>
>
> Good luck
> Christian
>
> >
> > Sorry if its been asked before .. but im finding lately due to the
> > environment getting complex I wouldn’t mind how the whole arp storing
> > works and getting more things to work better .
> >
> > Muris
> >
> >
> >
> > _______________________________________________
> > Netdisco mailing list
> > netdisco-users@lists.sourceforge.net
> > https://sourceforge.net/p/netdisco/mailman/netdisco-users/
>
> --
> Christian Ramseyer, netnea ag
> Network Management. Security. OpenSource.
> https://www.netnea.com
> Phone: +41 79 644 77 64
>
>
> _______________________________________________
> Netdisco mailing list
> netdisco-users@lists.sourceforge.net
> https://sourceforge.net/p/netdisco/mailman/netdisco-users/
--- End Message ---
_______________________________________________
Netdisco mailing list - Digest Mode
netdisco-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/netdisco-users
