Several questions about Cisco devices and SNMP

Hello guys!

I am implementing an auto-discovery application based on the SNMP protocol. Each network device (typically a Cisco router or switch) is represented in my system in terms of templates. Templates specify the general structure of a device class (number of interfaces, required attributes, etc.). Thus, all registered devices are empty.

The problem lies in filling all the required attributes (interface index, name, description). It's not a problem in the simplest case: I can get these values via SNMP. All I need to know is the OID. Suppose I want to fill three attributes for each of the 26 interfaces of my device (attributes and number of interfaces are specified in the template). The simplest algorithm is shown below:

    for N in (1..26) {
        index = SnmpGet(ifIndex.N);      // assumes ifIndex values run 1..26 without gaps
        name  = SnmpGet(ifName.index);
        desc  = SnmpGet(ifDescr.index);  // IF-MIB object is ifDescr, not ifDesc
        FillDevice(index, name, desc);
    }

Unfortunately, there are several cases when I can't associate all the necessary attributes with a number N. Suppose a device has an interface named "Gig0/0" and this name is the primary ID of the device in my application. So, how can I determine the index of this interface? The obvious solution is to execute a command like this: snmpwalk .... | grep "Gig0/0" | grep ... | awk .... but it's an awkward approach.

It seems to me that I am not the first to try to solve this problem. Can anyone refer me to useful documentation, open source projects, etc.? Is it possible at all to automatically discover an entire network using SNMP?


Krivenok Dmitry

You are choosing to use a key (the string "Gig0/0") that has no representation as an SNMP index. The only way you are going to be able to do that is to get the list of interfaces and do a text match against the results.

No. If a device hasn't talked fairly "recently", then information about it will not be in any SNMP table -- not in any Ethernet MAC table (layer 2), and not in any IP/MAC table (layer 3). There is no sure way to provoke a hidden device to talk -- it is not uncommon for devices to ignore broadcast ICMP ECHO packets, for example. And if you have any hubs out there, or any shared segments, you run into the possibility that any given device might only happen to be talking to other devices on its segment and might never need to pass through a switch. (If your network is like my work network, users go ahead and install unauthorized $50 switches and drape cables around the room instead of asking for an official installation of more drops.)

This situation leaves you with two possibilities: a) On every switch, mirror/span all the non-uplink traffic to a traffic analyzer; or b) poll all the switches faster than the table timeouts, hoping to -eventually- find every device in the table when it eventually talks.

In practice, (b) only "more or less" works (the tables sometimes expire in about 3 minutes).

*If* all of your switches are Cisco, then sniffing the CDP (Cisco Discovery Protocol) packets can help find adjacent switches. But see above about unauthorized switches.

Unauthorized switches are not usually managed switches, and are not usually Cisco (though sometimes they are Linksys), and it isn't uncommon for them to just pass STP packets through instead of acting on them themselves. Then there's the problem of switches authorized at levels you can't touch politically; you probably weren't even given the SNMP communities for them. If you don't have the budget to provide switches on demand for everyone, you probably have devices on your network that are not going to cooperate with network discovery.

In the meantime, for some useful (but incomplete) autodiscovery, try Look@Lan.

Walter Roberson
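As an added example (not code from either post), here is what the reply's "get the list of interfaces and do a text match" and its option (b), polling the switches faster than the forwarding table expires and merging the results, look like in Python. It consumes the output format of Net-SNMP's `snmpwalk -On`; the walk output embedded below is constructed, not captured from a real device, and the function names and the Cisco abbreviation table are assumptions of this example. The sample deliberately has a gap in ifIndex (no row 3), which is exactly what breaks the `for N in (1..26)` loop from the question.

```python
"""Offline demo: resolve a Cisco interface name to its ifIndex, and accumulate
bridge forwarding-table entries across polls. Input is snmpwalk -On text."""
import re

# IF-MIB / BRIDGE-MIB column OIDs (numeric, as snmpwalk -On prints them)
IF_INDEX = "1.3.6.1.2.1.2.2.1.1"
IF_DESCR = "1.3.6.1.2.1.2.2.1.2"
IF_NAME = "1.3.6.1.2.1.31.1.1.1.1"
IF_ALIAS = "1.3.6.1.2.1.31.1.1.1.18"
DOT1D_FDB_PORT = "1.3.6.1.2.1.17.4.3.1.2"   # dot1dTpFdbPort, indexed by the 6 octets of the MAC

# Constructed sample of `snmpwalk -On -v2c -c <ro-community> <host> <oid>` output.
IF_WALK = """\
.1.3.6.1.2.1.2.2.1.1.1 = INTEGER: 1
.1.3.6.1.2.1.2.2.1.1.2 = INTEGER: 2
.1.3.6.1.2.1.2.2.1.1.4 = INTEGER: 4
.1.3.6.1.2.1.2.2.1.2.1 = STRING: GigabitEthernet0/0
.1.3.6.1.2.1.2.2.1.2.2 = STRING: GigabitEthernet0/1
.1.3.6.1.2.1.2.2.1.2.4 = STRING: Vlan1
.1.3.6.1.2.1.31.1.1.1.1.1 = STRING: Gi0/0
.1.3.6.1.2.1.31.1.1.1.1.2 = STRING: Gi0/1
.1.3.6.1.2.1.31.1.1.1.1.4 = STRING: Vl1
.1.3.6.1.2.1.31.1.1.1.18.1 = STRING: uplink to core
.1.3.6.1.2.1.31.1.1.1.18.4 = STRING: mgmt
"""

# Constructed: two walks of dot1dTpFdbPort a few minutes apart; one MAC aged out, one appeared.
FDB_SNAPSHOTS = [
    """
.1.3.6.1.2.1.17.4.3.1.2.0.17.34.51.68.85 = INTEGER: 3
.1.3.6.1.2.1.17.4.3.1.2.0.17.34.51.68.102 = INTEGER: 7
""",
    """
.1.3.6.1.2.1.17.4.3.1.2.0.17.34.51.68.85 = INTEGER: 3
.1.3.6.1.2.1.17.4.3.1.2.170.187.204.221.238.255 = INTEGER: 12
""",
]

WALK_LINE = re.compile(r"^\.?(?P<oid>[\d.]+)\s*=\s*(?:(?P<type>[A-Za-z0-9-]+):\s*)?(?P<val>.*)$")


def parse_walk(text):
    """Turn snmpwalk -On output into {oid (no leading dot): value string}."""
    rows = {}
    for line in text.splitlines():
        m = WALK_LINE.match(line.strip())
        if not m:
            continue                      # blank lines, timeouts, "No Such Object" noise
        val = m.group("val").strip()
        if len(val) >= 2 and val[0] == '"' and val[-1] == '"':
            val = val[1:-1]               # Net-SNMP quotes some string values
        rows[m.group("oid")] = val
    return rows


def column(rows, base):
    """{index suffix: value} for every row under one table column OID."""
    prefix = base + "."
    return {oid[len(prefix):]: v for oid, v in rows.items() if oid.startswith(prefix)}


# Cisco IOS spells the same port "Gi0/0" in ifName and "GigabitEthernet0/0" in ifDescr, and
# operators type "Gig0/0"; normalise every spelling to the long form before comparing.
# Assumed table; extend for the platforms you actually have.
LONG_FORMS = ["GigabitEthernet", "TenGigabitEthernet", "FastEthernet", "Ethernet",
              "Serial", "Loopback", "Vlan", "Port-channel", "Tunnel"]


def normalise(name):
    m = re.match(r"^([A-Za-z-]+)(\d.*)$", name.strip())
    if not m:
        return name.strip().lower()
    prefix, rest = m.group(1).lower(), m.group(2)
    for long in LONG_FORMS:               # first unambiguous prefix match wins
        if long.lower().startswith(prefix):
            return long.lower() + rest
    return prefix + rest


def interface_indexes(rows):
    """The real ifIndex values; note they need not be contiguous."""
    return sorted(int(v) for v in column(rows, IF_INDEX).values())


def index_by_name(rows, wanted):
    """Resolve an interface name in any spelling to its ifIndex, or None if absent."""
    target = normalise(wanted)
    for col in (IF_NAME, IF_DESCR):
        for idx, value in column(rows, col).items():
            if normalise(value) == target:
                return int(idx)
    return None


def interface_record(rows, wanted):
    """The three template attributes (plus ifAlias) for one interface, keyed by its name."""
    idx = index_by_name(rows, wanted)
    if idx is None:
        return None
    k = str(idx)
    return {"index": idx, "name": column(rows, IF_NAME).get(k, ""),
            "descr": column(rows, IF_DESCR).get(k, ""), "alias": column(rows, IF_ALIAS).get(k, "")}


def merge_fdb(snapshots, seen=None):
    """Option (b): union of MAC->bridge-port across polls, so entries that age out
    between walks (the reply mentions ~3 minutes) are retained with first/last poll seen."""
    seen = {} if seen is None else seen
    for n, snap in enumerate(snapshots):
        for suffix, port in column(parse_walk(snap), DOT1D_FDB_PORT).items():
            mac = ":".join("%02x" % int(o) for o in suffix.split("."))
            rec = seen.setdefault(mac, {"port": int(port), "first_poll": n, "last_poll": n})
            rec.update(port=int(port), last_poll=n)
    return seen


if __name__ == "__main__":
    rows = parse_walk(IF_WALK)
    print("ifIndex values:", interface_indexes(rows))
    print("Gig0/0 ->", interface_record(rows, "Gig0/0"))
    for mac, rec in merge_fdb(FDB_SNAPSHOTS).items():
        print(mac, rec)
```

In a real run the walk text comes from `snmpwalk -On` (or a library such as pysnmp) against each switch; the name resolution then replaces the grep/awk pipeline with one walk of ifName and ifDescr per device, and `merge_fdb` is what the poller calls on every cycle. Because a discovery application sends its credentials to every device it can find, run the walks with SNMPv3 (authPriv) or, at minimum, a read-only community restricted by an ACL on the device; v1/v2c community strings cross the wire in cleartext.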