Autodiscovery
Autodiscovery can be used to discover IP addresses outside of the range by using the ARP cache and/or CDP neighbor information. For autodiscovery, it is recommended to specify only a few seed devices. The maxhops parameter is used to specify how many recursive levels are needed to discover the rest of the network. In some cases, the required number of recursive levels may be up to 10, depending upon the seed devices that are chosen.
discover_by_arp=0
maxhops=8
maxthreads=10
community=/tmp/communityfile
target_dir=/tmp/bridge
logdir=/tmp/log
profile=/u/wandl/data/.TaskManager/profile/newprofile
inc_non_switches=1
retry=1
timeout=2
# seed range for ping scan with default community
10.1.0.1 wandlcom login=wandl passwdenc=asdfasdfasdf ppasswdenc=asdfasdfasdf agents=11.2.3.4
10.2.0.1 wandlcom login=wandl passwdenc=asdfasdfasdf ppasswdenc=asdfasdfasdf agents=11.2.3.4
Parameter File Options
Table 1: Autodiscovery Options
Parameter | Description |
---|---|
discover=1 | This option, when set to 1, enables autodiscovery by ARP and CDP cache tables. It corresponds to the Enable autodiscovery option being checked in the VLAN Discovery task’s Discovery Options tab in the client GUI. Both “seed” devices and devices learned from ARP and CDP cache tables are polled and collected. |
discover_by_arp=0 | If discover=1 and discover_by_arp=0, then ARP will not be used in autodiscovery. |
discover_by_cdp=0 | If discover=1 and discover_by_cdp=0, then CDP will not be used in autodiscovery. |
maxhops=n | Specifies how many recursive levels to autodiscover based on the ARP/MAC address table, for example, a value between 2 and 5. |
rangefrom=IP address rangeto=IP address | This corresponds to the IP address range to discover in the VLAN Discovery Task in the client GUI. |
Table 2: Pingsweep Options
Parameter | Description |
---|---|
pingsweep=1 | The pingsweep parameter is used to find which IP addresses in a particular range are active so that they can be polled for SNMP bridge information. It tests reachability by ICMP with a short timeout (0.5 sec) compared to the SNMP timeout (3 sec with 5 retries). If this parameter is commented out, an SNMP scan is performed instead (check SNMP). By default, this parameter is not enabled. |
fpingpath | The location of the fping utility. If fping is not specified, the default is to use ping. |
ipsperfping | The number of IP addresses that will be pinged by a single fping command. The default value is 128. |
maxfpingthreads | The number of fping commands that can run simultaneously. The default value is 10. |
Table 3: General Options
Parameter | Description |
---|---|
Seed devices | Specify the device IP addresses or ranges followed by the SNMP community string. For example, 192.10.21.[1-254] wandlc1. To specify per-range attributes, the following parameters are also available: timeout, retry, login, passwdenc, ppasswdenc (password and privilege/enable password), agents (in case of an intermediate remote collection server that must be used to reach the device). |
ipskip=filename | This points to the file containing IP addresses to whitelist or blacklist. It corresponds to the VLAN Discovery Task option “File containing IP addresses or ranges to discover (white list) or to skip (black list)”. |
inc_non_switches=1 | When set to 1, this option will include a device that is neither a switch nor a router. The default value is 0. |
community=file | This points to the file that corresponds to the File with optional SNMP get community string(s) option in the VLAN Discovery Task in the client GUI. The file contains one SNMP community string per line with an optional version specification, for example “mycommunity, v2c” on one line and “public, v1” on the next. The VLAN Discovery process will try alternate SNMP community strings from this set if the default/configured SNMP community strings specified in the router profile do not work. By default, no plan B community file is used. |
target_dir=directory | This points to the directory where the collected SNMP bridge data will be stored. The default directory is |
logdir=directory | This points to the directory that will contain Layer 2 collection status and error logging. By default the log files are not saved. |
profile=file | This points to where the resultant generated profile will be created and corresponds to the Generated result profile option in the VLAN Discovery Task in the client GUI. Any additionally discovered devices will also be added to this profile file. It is recommended to specify a file location in /u/wandl/data/.TaskManager/profile, so that the generated router profile will be automatically included in the Router Profile window. By default, no profile is saved. |
maxthreads=n | This divides the task into multiple threads instead of running everything sequentially. By default the value is 5 to minimize the impact on the network. |
timeout | Default 3 seconds |
retry | Default 3 seconds |
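
The options in Tables 1 to 3 can be reviewed before a run. The following Python sketch is an added example, not code from the product: it splits a parameter file into global options and seed lines and flags settings worth a second look. The `review` function, its thresholds and the /tmp check are assumptions of this example, and the sample file is constructed with placeholder credential values.

```python
# Constructed sample modelled on the page's parameter file (credential values are placeholders).
SAMPLE = """\
discover=1
discover_by_arp=0
maxhops=8
maxthreads=10
community=/tmp/communityfile
target_dir=/tmp/bridge
logdir=/tmp/log
profile=/u/wandl/data/.TaskManager/profile/newprofile
# seed range for ping scan with default community
10.1.0.1 wandlcom login=wandl passwdenc=PLACEHOLDER ppasswdenc=PLACEHOLDER agents=11.2.3.4
192.10.21.[1-254] wandlc1
"""

def parse_params(text):
    """Return (options, seeds): global key=value options and seed-device lines."""
    options, seeds = {}, []
    for raw in text.splitlines():
        parts = raw.split()
        if not parts or parts[0].startswith("#"):
            continue
        pairs = dict(p.split("=", 1) for p in parts if "=" in p)
        if "=" in parts[0]:      # option line, possibly several pairs (rangefrom= rangeto=)
            options.update(pairs)
        else:                    # seed line: target, community, per-range attributes
            plain = [p for p in parts[1:] if "=" not in p]
            seeds.append({"target": parts[0], "attrs": pairs,
                          "community": plain[0] if plain else None})
    return options, seeds

def review(options, seeds):
    """Hypothetical review checks; thresholds use the values the page states."""
    notes = []
    if int(options.get("maxhops", 0)) > 5:
        notes.append("maxhops above the 2-5 example range: confirm the wider scope is intended")
    if int(options.get("maxthreads", 5)) > 5:
        notes.append("maxthreads above the default of 5: more polling load on the network")
    for key in ("community", "target_dir", "logdir", "profile"):
        if options.get(key, "").startswith("/tmp/"):   # added check, not from the page
            notes.append(f"{key} is under /tmp, a shared world-writable location")
    for s in seeds:
        secrets = sorted(k for k in s["attrs"] if k in ("passwdenc", "ppasswdenc"))
        if secrets:
            notes.append(f"seed {s['target']} carries {', '.join(secrets)}: restrict file permissions")
    return notes
```
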
Collection Log
A log file is saved under the /u/wandl/data/collection/.LiveNetwork/bridge/intermediates directory, with the name collectionLog.runcode.date.
The format of this file is as follows:
## collectionLog.x.201105241249
## Report Date=05/24/2011 12:49, Runcode=x
#IP,ErrorMessage,sysName,Vendor,sysObjectID,BridgeAddr,sysDescr
200.200.0.1,not reachable via icmp,,,,,,
200.200.0.2,not reachable via icmp,,,,,,
200.200.200.6,,HKG3640,CISCO,.1.3.6.1.4.1.9.1.110,,Cisco IOS Software, 3600 Software (C3640-JS-M), Version 12.4(7a), RELE...,
Table 4: Sample Error Messages
Error Message | Explanation |
---|---|
not reachable via icmp | The device is not reachable from the pingsweep |
not accessible (check SNMP parameters) | The device is reachable via ping but not accessible via SNMP. The community string could be incorrect. |
duplicated sysname | A device with the same hostname has already been accessed using another IP address |
no bridge mib data | The device might be a router without switching capabilities |
Missing node data | A device’s CDP neighbor has not been collected |
cannot find designated port | A spanning tree neighbor may be missing from the collected data |
Troubleshooting
Constructing a complete and accurate Layer 2 topology can be challenging at times.
- A particular device may be configured to prevent the polling of certain SNMP MIBs to reduce the potential increase in CPU loading.
- Another challenge could be trying to collect information from devices that do not support the standard SNMP MIBs.
- If the timeout for a particular device is not long enough, the bridge files may be incomplete, in which case they may not be shown on the topology.
Under these imperfect conditions where collected data is incomplete, the VLAN Discovery task will still make use of all the information that is collected to construct as complete and as accurate a topology as possible.
Check the log file output for indications of reachability issues. If there are reachability issues, check if there is a firewall or if there are access lists configured on the device blocking ICMP packets or the polling of specific SNMP tables.
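
The log check described above can be scripted. The following Python sketch is an added example, not part of the product: it parses the collection log format shown under Collection Log, groups failed IP addresses by error message, and attaches the explanation from Table 4. It assumes the first six columns never contain commas, since sysDescr is unquoted and does; the sample log is constructed.

```python
# Constructed sample in the collection log format shown on the page.
SAMPLE_LOG = """\
## collectionLog.x.201105241249
## Report Date=05/24/2011 12:49, Runcode=x
#IP,ErrorMessage,sysName,Vendor,sysObjectID,BridgeAddr,sysDescr
200.200.0.1,not reachable via icmp,,,,,,
200.200.0.3,not accessible (check SNMP parameters),,,,,,
200.200.200.6,,HKG3640,CISCO,.1.3.6.1.4.1.9.1.110,,Cisco IOS Software, 3600 Software (C3640-JS-M), Version 12.4(7a), RELE...,
200.200.200.7,no bridge mib data,RTR7,CISCO,.1.3.6.1.4.1.9.1.110,,Cisco IOS Software,
"""

FIELDS = ["ip", "error", "sysName", "vendor", "sysObjectID", "bridgeAddr", "sysDescr"]

# What to check per error message, taken from Table 4 and the Troubleshooting text.
ACTIONS = {
    "not reachable via icmp": "check for a firewall or access list blocking ICMP",
    "not accessible (check SNMP parameters)": "verify the community string and SNMP access lists",
    "duplicated sysname": "same hostname already accessed using another IP address",
    "no bridge mib data": "device might be a router without switching capabilities",
    "Missing node data": "a CDP neighbor of the device has not been collected",
    "cannot find designated port": "a spanning tree neighbor may be missing from the data",
}

def parse_log(text):
    """Return one dict per data row; '#' and '##' lines are headers."""
    rows = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        # Split on the first six commas only: sysDescr may itself contain commas.
        parts = line.split(",", len(FIELDS) - 1)
        parts += [""] * (len(FIELDS) - len(parts))      # tolerate short rows
        row = dict(zip(FIELDS, (p.strip() for p in parts)))
        row["sysDescr"] = row["sysDescr"].rstrip(", ")  # drop the trailing comma
        rows.append(row)
    return rows

def triage(rows):
    """Group failed IPs by error message and attach the suggested check."""
    groups = {}
    for r in rows:
        if r["error"]:
            groups.setdefault(r["error"], []).append(r["ip"])
    return {err: {"ips": ips, "action": ACTIONS.get(err, "unlisted message: review manually")}
            for err, ips in groups.items()}
```
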