Send netdisco-users mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.sourceforge.net/lists/listinfo/netdisco-users
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of netdisco-users digest..."
Today's Topics:
1. Re: How does NetDisco determine OS and version? (Koen Dooms)
2. Re: SNMPv3 with SHA512 and netdisco (Diego Barba Garc?a)
--- Begin Message ---
Oliver,
I'll try to understand how that works.
As always a helpfull answer. Thank you.
mvg,
Koen
On Thu, 4 Sep 2025, 16:39 Oliver Gorwits, <[email protected]> wrote:
> Hi Koen
>
> Currently this all comes from the SNMP::Info perl distribution, which is
> the "SNMP Class" when you go to the Details tab for any device. Each type
> of device maps to a different Class, but they all have the same interface
> for Netdisco to use....
>
> These Classes provide "os" and "os_ver" methods which do whatever they
> need to do, to get the OS name and version. Some return a static string
> (like "catalyst") and some will visit an SNMP leaf where the vendor might
> have provided the value(s).
>
> Have a poke around inside the SNMP::Info class to see. Sometimes the class
> is inheriting the methods from another class.
>
> (in the future we might have API methods for this or SSH, but right now
> it's all via SNMP::Info)
>
> I hope this helps?
>
> regards
> oliver.
>
> On Thu, 4 Sept 2025 at 15:32, Koen Dooms <[email protected]> wrote:
>
>> Hi,
>>
>> I'm wondering how NetDisco determines the running OS and version of
>> devices, in particular Cisco switches.
>> And what needs to be fixed to get the correct info, in particular for a
>> C1300 series switch.
>>
>> Here is a summary how NetDisco sees the OS and version for specific Cisco
>> models:
>> SX550: ros / 2.5.9.54
>> C1300: IOS / blank (IOS in capitals, no version)
>> C2960: ios / 15.2(2)E6 (IOS in lower case)
>> C9300: ios-xe / 17.9.5
>>
>> Not sure what ros tands for (router OS?), but the SX550 and 1300 run
>> similar operating system based on Linux. Not IOS as the older and higher
>> end models do.
>>
>>
>> --
>> mvg,
>> Koen
>> _______________________________________________
>> Netdisco mailing list
>> [email protected]
>> https://sourceforge.net/p/netdisco/mailman/netdisco-users/
>
>
--- End Message ---
--- Begin Message ---
Hi Oliver,
Thanks for your answer. If I execute a snmpwalk from the same server where
netdisco is installed, and querying the machine that I want to discover, then
the snmp query works with SHA512 and AES:
$ snmpwalk -v 3 -l authPriv -u usuario -a SHA512 -A xxxxxxxxxxx -x AES -X
xxxxxxxxxxx 192.168.1.1 .1.3.6.1.4.1
iso.3.6.1.4.1.2021.4.1.0 = INTEGER: 0
iso.3.6.1.4.1.2021.4.2.0 = STRING: "swap"
iso.3.6.1.4.1.2021.4.3.0 = INTEGER: 16187388
…
But if I configure the netdisco deployment.yml file according to this and
execute a discover, then it doesn’t work:
…
device_auth:
- tag: 'v3example'
user: usuario
auth:
pass: "xxxxxxxxxxxx"
proto: SHA512
priv:
pass: "xxxxxxxxxxxx"
proto: AES
…
the discover command returns some errors:
~/environments$ ~/bin/netdisco-do discover -d 192.168.1.1 -D
[2502399] 2025-09-04 14:37:26 info App::Netdisco version 2.087001 loaded.
[2502399] 2025-09-04 14:37:26 info discover: [192.168.1.1] started at Thu Sep
4 16:37:26 2025
[2502399] 2025-09-04 14:37:27 debug discover: running with timeout 600s
[2502399] 2025-09-04 14:37:27 debug //// CHECK \\\\ phase
[2502399] 2025-09-04 14:37:27 debug ⮕ worker Internal::BackendFQDN p1000000
[2502399] 2025-09-04 14:37:27 debug ⮕ worker Internal::SNMPFastDiscover p1000000
[2502399] 2025-09-04 14:37:27 debug running with configured SNMP timeouts
[2502399] 2025-09-04 14:37:27 debug ⮕ worker Discover p0
[2502399] 2025-09-04 14:37:27 debug ⬅ (done) Discover is able to run.
[2502399] 2025-09-04 14:37:27 debug //// EARLY \\\\ phase
[2502399] 2025-09-04 14:37:27 debug ⮕ worker Discover::Properties p100 "initial
device creation and basic device details"
[2502399] 2025-09-04 14:37:27 debug snmp reader cache warm: [192.168.1.1]
[2502399] 2025-09-04 14:37:27 debug [192.168.1.1:161] try_connect with v: 3, t:
0.2, r: 0, class: SNMP::Info, comm: <hidden>
[2502399] 2025-09-04 14:37:27 debug Can't call method "offline" on an undefined
value at /home/netdisco/perl5/lib/perl5/App/Netdisco/Transport/SNMP.pm line 300.
[2502399] 2025-09-04 14:37:27 debug [192.168.1.1:161] try_connect with v: 3, t:
0.2, r: 0, class: SNMP::Info, comm: <hidden>
[2502399] 2025-09-04 14:37:27 debug Can't call method "offline" on an undefined
value at /home/netdisco/perl5/lib/perl5/App/Netdisco/Transport/SNMP.pm line 300.
[2502399] 2025-09-04 14:37:27 debug [192.168.1.1:161] try_connect with v: 3, t:
0.2, r: 0, class: SNMP::Info, comm: <hidden>
[2502399] 2025-09-04 14:37:27 debug Can't call method "offline" on an undefined
value at /home/netdisco/perl5/lib/perl5/App/Netdisco/Transport/SNMP.pm line 300.
[2502399] 2025-09-04 14:37:27 debug [192.168.1.1:161] try_connect with v: 3, t:
3, r: 2, class: SNMP::Info, comm: <hidden>
[2502399] 2025-09-04 14:37:27 debug Can't call method "offline" on an undefined
value at /home/netdisco/perl5/lib/perl5/App/Netdisco/Transport/SNMP.pm line 300.
[2502399] 2025-09-04 14:37:27 debug [192.168.1.1:161] try_connect with v: 3, t:
3, r: 2, class: SNMP::Info, comm: <hidden>
[2502399] 2025-09-04 14:37:27 debug Can't call method "offline" on an undefined
value at /home/netdisco/perl5/lib/perl5/App/Netdisco/Transport/SNMP.pm line 300.
[2502399] 2025-09-04 14:37:27 debug [192.168.1.:161] try_connect with v: 3, t:
3, r: 2, class: SNMP::Info, comm: <hidden>
[2502399] 2025-09-04 14:37:27 debug Can't call method "offline" on an undefined
value at /home/netdisco/perl5/lib/perl5/App/Netdisco/Transport/SNMP.pm line 300.
[2502399] 2025-09-04 14:37:27 debug ⬅ (defer) discover failed: could not SNMP
connect to 192.168.1.1
I have taken some tcpdumps and seen that when I configure SHA512 on
deployment.yml then the snmp queries are not even executed.
Best regards,
Diego
De: Oliver Gorwits <[email protected]>
Enviado el: jueves, 4 de septiembre de 2025 16:10
Para: Diego Barba García <[email protected]>;
[email protected]
Asunto: Re: [Netdisco] SNMPv3 with SHA512 and netdisco
Hi Diego
I think it should work, so let's look into it...
First, Netdisco doesn't use Net::SNMP, it uses "SNMP" (a different Perl module)
- yes, confusing :-(
Netdisco uses "net-snmp" the reference implementation of SNMP in C, and its
Perl binding, which is module "SNMP". This does support SHA256 and SHA512:
https://www.net-snmp.org/wiki/index.php/Strong_Authentication_or_Encryption<https://urldefense.com/v3/__https:/www.net-snmp.org/wiki/index.php/Strong_Authentication_or_Encryption__;!!MvyJQugb!Cd23IoZODdvvj7NBlmMF7CrN0pFbr2PCM-eQ3dyVtmruEo4jrF899shP5EDHMfmh4teltH9IGPw$>
Assuming you have a new version of net-snmp from your operating system, then...
How are you specifying the authentication algorithm in your configuration? You
can test at the command line with snmpget and the net-snmp documentation, then
copy the values into Netdisco conf.
regards
oliver.
On Wed, 3 Sept 2025 at 13:32, Diego Barba García via netdisco-users
<[email protected]<mailto:[email protected]>>
wrote:
Hello,
We have been using netdisco for several years without major issues. Recently we
installed some devices that only support snmpv3 with SHA256 or SHA512. But it
seems that netdisco (or better said: the SNMP module of Perl) doesn’t support
it, please, could anybody confirm if this is true? I have found this:
https://www.claudiokuenzler.com/blog/1205/how-to-perl-net-snmp-v3-authentication-protocol-support-newer-sha-sha256-sha512<https://urldefense.com/v3/__https:/www.claudiokuenzler.com/blog/1205/how-to-perl-net-snmp-v3-authentication-protocol-support-newer-sha-sha256-sha512__;!!MvyJQugb!Cd23IoZODdvvj7NBlmMF7CrN0pFbr2PCM-eQ3dyVtmruEo4jrF899shP5EDHMfmh4telRdYCxgQ$>
And changed the Security/USM.pm but to no avail, so I rolled back the
modifications.
Best regards!
Diego
_______________________________________________
Netdisco mailing list
[email protected]<mailto:[email protected]>
https://sourceforge.net/p/netdisco/mailman/netdisco-users/<https://urldefense.com/v3/__https:/sourceforge.net/p/netdisco/mailman/netdisco-users/__;!!MvyJQugb!Cd23IoZODdvvj7NBlmMF7CrN0pFbr2PCM-eQ3dyVtmruEo4jrF899shP5EDHMfmh4telfZp4fXo$>
P Please consider the environment before printing this e-mail.
--- End Message ---
_______________________________________________
Netdisco mailing list - Digest Mode
[email protected]
https://lists.sourceforge.net/lists/listinfo/netdisco-users
