On 3/9/11 5:41 AM, Chris Kawchuk wrote:
As a follow up on the L2 database/mapping capabilities...
1. I notice that sometimes IM correctly identifies a device as a switch (Juniper EX2200
for example), and thus allows it to be used as an "L2 discovery" system to
populate the MAC tables. This is good, however, yes, not all ports carry all IP addresses
on every port as per Jurgen's email below.
The L2 engine determines whether a device is a switch by checking for
the presence of the BRIDGE-MIB::dot1dBaseBridgeAddress MIB variable.
InterMapper has a separate check for the "Map Device As" setting, but
that setting is not used by Layer 2. Changing the Map Device As setting
has no effect on the L2 engine.
2. Sometimes IM incorrectly identifies something as a switch (such as a wireless access point in bridge
mode) and thinks it's a switch (since it has a mac-bridging table) although it only has 2 interfaces:
LAN and WLAN. Hence, it gets added to the list of switches; and I cant seem to get rid of it from the
L2 switch list (including changing the device to "behaviour: router"), and even deleting the
AP off the map. Whenever I try to rediscover all my wired-station endpoints& devices, everything
on the map ends up connecting to the "LAN" port on the Access Point. =) (since, hey, thats
where IM says it sees those MAC Addresses coming from!).
Currently, if a device is on an L2-enabled map, the L2 engine will poll
it for L2 information if it meets the criteria above. When you remove
the device from all the L2-enabled maps it it on, it's data will no
longer be updated (and it will appear red in the L2 view), but it will
still remain in the database until you run a scan that is more than 12
hours after the last time it was updated.
I agree that we need to add a way to indicate that we don't want the L2
engine to poll certain devices (and remove their existing data from the
database).
3. If IM doesn't initially get an SNMP mac-briding-table when it first interrogates a device, then
it will never add the device into the "list of switches", even though the device is a
switch. (I didn't have SNMP enabled on a target Juniper EX4200 switch when I first added it, hence
IM couldn't poll the device). I enabled SNMP, and the device was then pollable; but IM seems to
refuse to put the device into the "L2 list of switches", and will not consult the device.
(this includes me changing behaviour: switch against the device).
This sounds odd to me. When you run an L2 poll, the L2 engine retrieves
the list of all devices using SNMP probes on L2-enabled maps. If a
device is UP and it's not in a "No SNMP Response" state, the L2 engine
should poll the device for L2 data. If you add a device to a map, or
fix it so it responds to SNMP, it should be picked up when you next
re-run the L2 poll.
I am not sure why the target is not appearing after you corrected the
initial issue. Can you check the switches.log to see if the target IP is
being polled?
4. Some devices are combination routers/switches. For example, an Juniper
SRX240; is both router, firewall, and switch. IM discovered it as a router, and
hence doesn't add it into the list of L2 switches, even though it has 16x1Ge
switching ports on it (and it's indeed acting as a switch on 15 of it's
interfaces). I cant seem to convince IM to interrogate the device as a switch.
(or, at least has some switching-like functionality)
Please run an SNMPWalk from InterMapper on this device using OID
(1.3.6.1.2.1.17.1) and send it to [email protected]. The results
will give me an idea of what might be going wrong.
So, what I think may be in everyones interest is:
1. Ability to manually delete a device from the "list of switches"; so that it
never consults it again (and removes all references to it in the database/discovery)
cleanly.
I agree this is essential.
2. Ability for the human to instruct IM to accept a device as a switch (provided it has a
proper mac-bridging-table), and allow IM to use that device as a resource to discover my
end-systems/endpoints/MAC Addresses/etc, even though the device may be "more than
just a dumb switch" =). (Think Integrated Router/Firewall/Switch/MPLS-endpoint)
I'd like to improve the software so more switch-like objects are
detected. Ideally, if we don't detect a device as a switch, it is
probably because we can't get any information from it using the default
MIB's.
--
Bill Fisher
Dartware, LLC
____________________________________________________________________
List archives:
http://www.mail-archive.com/intermapper-talk%40list.dartware.com/
To unsubscribe: send email to: [email protected]
