Send Netdot-users mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
https://osl.uoregon.edu/mailman/listinfo/netdot-users
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Netdot-users digest..."
Today's Topics:
1. Re: Support for virtual servers? (Brian Candler)
2. Re: Support for virtual servers? (Karsten Heymann)
3. Re: Support for virtual servers? (Brian Candler)
4. Re: Support for virtual servers? (Phil Regnauld)
5. Re: Support for virtual servers? (William Bulley)
----------------------------------------------------------------------
Message: 1
Date: Wed, 04 Jun 2014 13:10:11 +0100
From: Brian Candler <[email protected]>
Subject: Re: [Netdot-users] Support for virtual servers?
To: Karsten Heymann <[email protected]>, Roberto Greiner
<[email protected]>
Cc: [email protected]
Message-ID: <[email protected]>
Content-Type: text/plain; charset="iso-8859-1"
On 04/06/2014 12:43, Karsten Heymann wrote:
>
> thank you for your reply, unfortunately this is not exactly what I had
> in mind. What I'm trying to do is to really have all physical and
> virtual servers stored in netdot with all their metadata (IP, VLAN,
> DNS, Location, ...) and then have the correct topology stored in the
> database, so I can see in netdot which virtual servers are running on
> which physical hardware without drawing static images myself.
>
An intriguing possibility would be:
* run lldpd on the VM hosts, so the switch<->host link is explicit
* query the bridge forwarding table:
    * standard bridge: brctl showmacs <brname>
    * openvswitch: ovs-appctl fdb/show <brname>
* map local bridge interface numbers to interface names like tap1
Then the VMs would appear to be connected to their host, downstream from it.
Unfortunately, I don't think this information is exposed via SNMP :-(
http://serverfault.com/questions/227952/snmpd-configuration-to-enable-bridge-mib-or-q-bridge-mib
http://openvswitch.org/pipermail/discuss/2014-April/013536.html
There are a couple of experimental implementations in the first link you
could look at though.
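The three steps above as an added example (not part of the original message or of Netdot's code): it parses `brctl showmacs` output and maps port numbers to interface names to list the MACs learned behind each VM-facing port. The sample output, the `PORT_NO` map (standing in for the contents of `/sys/class/net/<if>/brport/port_no`) and the `tap`/`vnet` naming rule are assumptions.

```python
import re

# Constructed sample of `brctl showmacs br0` output (not from the thread).
SHOWMACS = """\
port no\tmac addr\t\tis local?\tageing timer
  1\t00:25:90:aa:bb:01\tyes\t\t   0.00
  1\t00:1c:73:00:00:10\tno\t\t   2.31
  2\tfe:54:00:11:22:33\tyes\t\t   0.00
  2\t52:54:00:11:22:33\tno\t\t   0.42
  3\tfe:54:00:44:55:66\tyes\t\t   0.00
  3\t52:54:00:44:55:66\tno\t\t  12.07
  3\t52:54:00:77:88:99\tno\t\t  48.50
"""

# Constructed stand-in for /sys/class/net/<if>/brport/port_no (hex values).
PORT_NO = {"eth0": "0x1", "tap1": "0x2", "tap2": "0x3"}

ROW = re.compile(
    r"^\s*(\d+)\s+((?:[0-9a-f]{2}:){5}[0-9a-f]{2})\s+(yes|no)\s+([\d.]+)\s*$",
    re.IGNORECASE,
)

def parse_showmacs(text):
    """Return (port_no, mac, is_local, age_seconds) for each table row."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:  # the header and blank lines do not match
            rows.append((int(m.group(1)), m.group(2).lower(),
                         m.group(3).lower() == "yes", float(m.group(4))))
    return rows

def guests_by_port(text, port_no, vm_prefixes=("tap", "vnet")):
    """Map each VM-facing interface to the non-local MACs learned on it."""
    names = {int(v, 16): k for k, v in port_no.items()}  # 2 -> "tap1"
    result = {n: [] for n in port_no if n.startswith(vm_prefixes)}
    for port, mac, is_local, _age in parse_showmacs(text):
        name = names.get(port)
        # Skip the port's own MAC, the uplink port and unknown port numbers.
        if is_local or name not in result:
            continue
        result[name].append(mac)
    return result

if __name__ == "__main__":
    for ifname, macs in sorted(guests_by_port(SHOWMACS, PORT_NO).items()):
        print(ifname, macs)
```

A port that lists more than one non-local MAC, like `tap2` in the sample, is worth a second look in an inventory, since a single-NIC guest normally shows one.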
------------------------------
Message: 2
Date: Wed, 4 Jun 2014 17:57:15 +0200
From: Karsten Heymann <[email protected]>
Subject: Re: [Netdot-users] Support for virtual servers?
To: Brian Candler <[email protected]>
Cc: [email protected]
Message-ID:
<cal017hbuzzue6sbkkt+41723nuhh0tm90m4dw6zcek3mse+...@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Hi Brian,
2014-06-04 14:10 GMT+02:00 Brian Candler <[email protected]>:
>
> An intriguing possibility would be:
>
> * run lldpd on the VM hosts, so the switch<->host link is explicit
> * query the bridge forwarding table:
>     * standard bridge: brctl showmacs <brname>
>     * openvswitch: ovs-appctl fdb/show <brname>
> * map local bridge interface numbers to interface names like tap1
>
> Then the VMs would appear to be connected to their host, downstream from
> it.
>
> Unfortunately, I don't think this information is exposed via SNMP :-(
>
>
> http://serverfault.com/questions/227952/snmpd-configuration-to-enable-bridge-mib-or-q-bridge-mib
> http://openvswitch.org/pipermail/discuss/2014-April/013536.html
>
> There are a couple of experimental implementations in the first link you
> could look at though.
>
>
Thank you for the suggestions. I'm already running lldpd on the physical
servers. I also tried running it on the virtual servers, but the Linux
bridge does not forward lldp (or cdp) information. I also tested
openvswitch, but it doesn't support snmp, lldp or cdp as well, as far as I
could find out.
Your idea of connecting the tap devices to the virtual servers sounds
interesting, although it would be really nice to be able to see which
virtual servers are connected to which bridges, as there are multiple
bridges for the different vlans we use.
Another thing I just found is the host_device field, which at least would
allow storing the physical server in the entry of each virtual server.
Sadly it seems to be used only to export dependencies to nagios and not to
compute the network topology.
Regarding the export of Linux bridge information via snmp, I just found
that a userspace agent for this is actually part of net-snmp, although it
seems not to be installed by default:
http://sourceforge.net/p/net-snmp/code/ci/master/tree/local/snmp-bridge-mib
Running this allows querying information about the bridge:
snmpwalk -v2c -c redacted localhost BRIDGE-MIB::dot1dBridge
But this information does not seem to be used by netdot, at least grepping
the netdot code for the mib did not yield any results.
Any further hints would be greatly appreciated.
Best
Karsten
------------------------------
Message: 3
Date: Wed, 04 Jun 2014 17:18:15 +0100
From: Brian Candler <[email protected]>
Subject: Re: [Netdot-users] Support for virtual servers?
To: Karsten Heymann <[email protected]>
Cc: [email protected]
Message-ID: <[email protected]>
Content-Type: text/plain; charset=UTF-8; format=flowed
On 04/06/2014 16:57, Karsten Heymann wrote:
> Your idea of connecting the tap devices to the virtual servers sounds
> interesting
I think you'll find your VM servers are already connected to the bridge
with tap devices (or vnet devices or similar)
Type "brctl show" on the machine where your VMs are running.
> , although it would be really nice to be able to see which virtual
> servers are connected to which bridges, as there are multiple bridges
> for the different vlans we use.
>
With regular Linux bridges that would involve enumerating the bridges.
With openvswitch you can have a single openvswitch instance, have vlans
inside openvswitch, connecting each VM to an access port with a chosen
VLAN (or a trunk port with selected VLANs on it). I've tested this, it
works very nicely.
> Running this allows querying information about the bridge:
> snmpwalk -v2c -c redacted localhost BRIDGE-MIB::dot1dBridge
> But this information does not seem to be used by netdot, at least
> grepping the netdot code for the mib did not yield any results.
>
Netdot definitely retrieves the bridge table from switches. Whether it's
this MIB or a different one I don't know. Search for fwt_update, dig
down to walk_fwt.
------------------------------
Message: 4
Date: Wed, 4 Jun 2014 18:20:08 +0200
From: Phil Regnauld <[email protected]>
Subject: Re: [Netdot-users] Support for virtual servers?
To: Karsten Heymann <[email protected]>
Cc: [email protected]
Message-ID: <[email protected]>
Content-Type: text/plain; charset=us-ascii
Karsten Heymann (karsten.heymann) writes:
>
> thank you for the suggestions. I'm already running lldpd on the physical
> servers. I also tried running it on the virtual servers, but the linux
> bridge does not forward lldp (or cdp) information.
Hi Karsten,
The bridge doesn't appear, but I have definitely run workshops
where virtual 7200s could see the VMs running CDPD/LLDPD as neighbors.
> I also tested
> openvswitch, but it doesn't support snmp, lldp or cdp as well as far as I
> could find out.
Unfortunately not - but extending snmpd to provide this information
using ovsctl and the ovsdb would be an interesting project.
> Regarding the export of Linux bridge information via snmp, I just found
> that a userspace agent for this is actually part of net-snmp, although it
> seems not to be installed by default:
> http://sourceforge.net/p/net-snmp/code/ci/master/tree/local/snmp-bridge-mib
Neat - I'd missed this...
> Running this allows querying information about the bridge:
> snmpwalk -v2c -c redacted localhost BRIDGE-MIB::dot1dBridge
> But this information does not seem to be used by netdot, at least grepping
> the netdot code for the mib did not yield any results.
What have you set sysServices to on the host running the bridge ?
https://osl.uoregon.edu/redmine/issues/1764
sysServices has to reflect that the host is also an L2 device -
you might want to set that to 78 and see if that helps.
Phil
------------------------------
Message: 5
Date: Wed, 4 Jun 2014 12:22:01 -0400
From: William Bulley <[email protected]>
Subject: Re: [Netdot-users] Support for virtual servers?
To: Karsten Heymann <[email protected]>
Cc: [email protected], Brian Candler <[email protected]>
Message-ID: <[email protected]>
Content-Type: text/plain; charset=us-ascii
According to Karsten Heymann <[email protected]> on Wed, 06/04/14 at
11:57:
>
> Regarding the export of Linux bridge information via snmp, I just found
> that a userspace agent for this is actually part of net-snmp, although it
> seems not to be installed by default:
> http://sourceforge.net/p/net-snmp/code/ci/master/tree/local/snmp-bridge-mib
> Running this allows querying information about the bridge:
> snmpwalk -v2c -c redacted localhost BRIDGE-MIB::dot1dBridge
> But this information does not seem to be used by netdot, at least grepping
> the netdot code for the mib did not yield any results.
But it is part of SNMP::Info which is heavily used by Netdot.
http://search.cpan.org/~oliver/SNMP-Info-3.13/Info/Bridge.pm
Regards,
web...
--
William Bulley Email: [email protected]
72 characters width template ----------------------------------------->|
------------------------------
End of Netdot-users Digest, Vol 67, Issue 2
*******************************************