Several questions about Cisco devices and SNMP

Discussion in 'Cisco' started by Krivenok Dmitry, Feb 16, 2007.

  1. Hello guys!

    I am implementing auto-discovering application based on SNMP protocol.
    Each network device (typically Cisco router or switch) is presented in
    my system in
    terms of templates.
    Templates specify the general structure of device class (number of
    interfaces, required
    attributes, etc).
    Thus, all registered devices are empty.

    The problem lies in filling all required attributes (interface's
    index, name, description).
    It's not a problem in simplest case - I can get these values via SNMP.
    All what should I know is OID.
    Suppose I want to fill three attributes for each of 26 interfaces of
    my device (attributes
    and number of interfaces are specified in template).
    The simplest algorithm is shown below:
    for N in (1..26)
    {
    index = SnmpGet(ifIndex.N);
    name = SnmpGet(ifName.index);
    desc = SnmpGet(ifDesc.index);
    FillDevice(index, name, desc);
    }

    Unfortunately, there are several cases when I can't associate all
    necessary attributes
    with a number N.
    Suppose a device have an interface with name "Gig0/0" and this name is
    a primary ID
    of device in my application.
    So, how can I determine an index of this interface?
    Obvious solution is to execute a command like this:
    snmpwalk .... | grep "Gig0/0" | grep ... | awk ....
    but it's awkward approach.

    It seems to me that I am not the first who trying to solve this
    problem.
    Can anyone refer me to useful documentation, open source projects,
    etc.
    It is possible at all to automatically discover entire network using
    SNMP?

    Thanks!
     
    Krivenok Dmitry, Feb 16, 2007
    #1
    1. Advertising

  2. In article <>,
    Krivenok Dmitry <> wrote:
    >I am implementing auto-discovering application based on SNMP protocol.


    >Suppose a device have an interface with name "Gig0/0" and this name is
    >a primary ID
    >of device in my application.
    >So, how can I determine an index of this interface?
    >Obvious solution is to execute a command like this:
    >snmpwalk .... | grep "Gig0/0" | grep ... | awk ....
    >but it's awkward approach.


    You are chosing to use an key (the string "Gig0/0") that has no
    representation as an SNMP index. The only way you are going to be
    able to do that is to get the list of interfaces and do a text match
    against the results.


    >It is possible at all to automatically discover entire network using
    >SNMP?


    No. If a device hasn't talked fairly "recently" then information
    about it will not be in any SNMP table -- not in any ether MAC table
    (layer 2), and not in any IP MAC table (layer 3). There is no sure
    way to be able to provoke a hidden device to talk -- it is not uncommon
    for devices to ignore broadcast ICMP ECHO packets for example.
    And if you have any hubs out there, or any shared segments, you
    run into the possibility that any given device might only happen to
    be talking to other devices on its segment and might never need to pass
    through a switch. (If your network is like my work network, users go
    ahead and install unauthorized $50 switches and drape cables around
    the room instead of asking for an official installation of more drops.)

    This situation leaves you with two possibilities:
    a) On every switch, mirror/span all the non-uplink traffic to a
    traffic analyzer; or
    b) poll all the switches faster than the table timeouts, hoping to
    -eventually- find every device in the table when it eventually talks.

    In practice, (b) only "more or less" works (the tables sometimes
    expire in about 3 minutes).


    *If* all of your switches are Cisco, then sniffing the CDP
    (Cisco Discovery Protocol) packets can help find adjacent switches.
    But see above about unauthorized switches.

    Unauthorized switches are not usually managed switches, and are not
    usually Cisco (though sometimes they are Linksys), and it isn't
    uncommon that they just pass through STP packets instead of acting
    on them themselves. Then there's the problem of switches authorized
    at levels you can't touch politically; you probably weren't even
    given the SNMP communities for them. If you don't have the budget
    to provide switches on demand for everyone, you probably have
    devices on your network that are not going to cooperate with
    network discovery.


    In the meantime, for some useful (but incomplete) autodiscovery,
    try Look@Lan .
     
    Walter Roberson, Feb 16, 2007
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?UGhhbnRvbSBjeWNsaXN0?=

    Help with setting WEP keys in several devices

    =?Utf-8?B?UGhhbnRvbSBjeWNsaXN0?=, Dec 23, 2005, in forum: Wireless Networking
    Replies:
    1
    Views:
    1,989
    Pavel A.
    Dec 24, 2005
  2. news.easynews.com

    SNMP - Cisco - SNMP

    news.easynews.com, Mar 4, 2004, in forum: Cisco
    Replies:
    0
    Views:
    833
    news.easynews.com
    Mar 4, 2004
  3. tyeung@mk
    Replies:
    3
    Views:
    20,340
    Igor Mamuzic
    Nov 20, 2005
  4. Replies:
    12
    Views:
    1,564
  5. Adrian Przestroga
    Replies:
    1
    Views:
    818
    alexd
    Dec 12, 2010
Loading...

Share This Page