I've just installed NAV locally to get the Machine Tracker, however, I can only search for ip addresses when checking the Inactive field. Results doesn't contain the MAC address either.. Any idea why this is happening? We're running cisco layer 2/3 switches (added as GSW equipment).
On Thu, 19 Feb 2009 15:04:18 +0100 Erik Weber twiztar@gmail.com wrote:
I've just installed NAV locally to get the Machine Tracker, however, I can only search for ip addresses when checking the Inactive field. Results doesn't contain the MAC address either.. Any idea why this is happening? We're running cisco layer 2/3 switches (added as GSW equipment).
What version of NAV is this? What Cisco switches are you using? What are the numbers of compatible SNMP-OIDs in the IP Device Report's snmp-column for these devices? Are you able to find any CAM entries at all when performing a switch search for one of your switches (when omitting module/interface from the search)?
Morten Brekkevold wrote:
On Thu, 19 Feb 2009 15:04:18 +0100 Erik Weber twiztar@gmail.com wrote:
I've just installed NAV locally to get the Machine Tracker, however, I can only search for ip addresses when checking the Inactive field. Results doesn't contain the MAC address either.. Any idea why this is happening? We're running cisco layer 2/3 switches (added as GSW equipment).
What version of NAV is this?
Nav 3.5.0 (new install) installed on debian using Werner's package
What Cisco switches are you using?
A nice mix of switches:
* WS-C3560G-48PS * WS-C3560-24PS * WS-C2950T-24 * WS-C2950-24
And similar
What are the numbers of compatible SNMP-OIDs in the IP Device Report's snmp-column for these devices?
I get a nice 500 Internal server error while browsing the IP Device Center, if there's a sql query I can run to get the same information I can do that..
Are you able to find any CAM entries at all when performing a switch search for one of your switches (when omitting module/interface from the search)
I you by this mean if I can find any MAC addresses, then yes. If I search for my workstation MAC address I find it.
On Fri, 20 Feb 2009 08:33:43 +0100 Erik Weber twiztar@gmail.com wrote:
A nice mix of switches:
- WS-C3560G-48PS
- WS-C3560-24PS
- WS-C2950T-24
- WS-C2950-24
Those should all be well supported by NAV.
What are the numbers of compatible SNMP-OIDs in the IP Device Report's snmp-column for these devices?
I get a nice 500 Internal server error while browsing the IP Device Center, if there's a sql query I can run to get the same information I can do that..
Sorry if I was unclear, I'm asking for the results of a report in the report system. Go to Toolbox -> Report -> All IP Devices.
The SNMP column of that report gives the number of supported SNMP-OIDs that have been found on a device. If you click the number in the column, you will be taken to a report listing all the OIDs for that device. Make sure your routing switches list the "ipNetToMediaPhysAddress" oidkey.
About your 500 Internal Server Error: Please check the mailbox of the address defined as ADMIN_MAIL in nav.conf, NAV/Django should have sent a detailed error report there, which you should post as a bug in Launchpad. If you would like a more detailed error output in the web interface, set DJANGO_DEBUG to True in nav.conf.
Morten Brekkevold wrote:
On Fri, 20 Feb 2009 08:33:43 +0100 Erik Weber twiztar@gmail.com wrote:
Sorry if I was unclear, I'm asking for the results of a report in the report system. Go to Toolbox -> Report -> All IP Devices.
The SNMP column of that report gives the number of supported SNMP-OIDs that have been found on a device. If you click the number in the column, you will be taken to a report listing all the OIDs for that device. Make sure your routing switches list the "ipNetToMediaPhysAddress" oidkey.
They have 80-96 snmpoids each, and they all seem to have ipNetToMediaPhysAddress
About your 500 Internal Server Error: Please check the mailbox of the address defined as ADMIN_MAIL in nav.conf, NAV/Django should have sent a detailed error report there, which you should post as a bug in Launchpad. If you would like a more detailed error output in the web interface, set DJANGO_DEBUG to True in nav.conf.
I noticed I had a one hour clock difference and that caused pping to error out. Fixed that, but I still have to check 'Inactive' to get any results from the IP search.
Update: I tried setting DJANGO_DEBUG to True and it looked like it didn't like whitespaces in the organisation name (like "Company Ltd" or "Firmanavn AS"), removing the whitespace atleast gives me the possibility to see IP Device Info as well.
On Fri, 20 Feb 2009 09:22:34 +0100 Erik Weber twiztar@gmail.com wrote:
They have 80-96 snmpoids each, and they all seem to have ipNetToMediaPhysAddress
Could try to verify that there are any ARP entries recorded at all, using psql:
sudo -u postgres psql nav
then in psql:
SELECT * FROM arp;
The sysname column documents which router the record was pulled from.
I noticed I had a one hour clock difference and that caused pping to error out.
Error out how?
Fixed that, but I still have to check 'Inactive' to get any results from the IP search.
Well, those aren't actually real results unless they display with an associated mac address. The 'inactive' checkbox is there to allow you display (and possibly to a reverse DNS lookup on) all IP-addresses in a range, regardless of whether there is any ARP-cache data related to any of those addresses.
Update: I tried setting DJANGO_DEBUG to True and it looked like it didn't like whitespaces in the organisation name (like "Company Ltd" or "Firmanavn AS"), removing the whitespace atleast gives me the possibility to see IP Device Info as well.
Ok, I thought as much. It's a known bug which has been fixed for the upcoming 3.5.1 release: https://bugs.launchpad.net/nav/+bug/330914
Morten Brekkevold wrote:
On Fri, 20 Feb 2009 09:22:34 +0100 Erik Weber twiztar@gmail.com wrote:
They have 80-96 snmpoids each, and they all seem to have ipNetToMediaPhysAddress
Could try to verify that there are any ARP entries recorded at all, using psql:
sudo -u postgres psql nav
then in psql:
SELECT * FROM arp;
The sysname column documents which router the record was pulled from.
There's records there, but not those I wanted. Snmpwalking IP-MIB::ipNetToMediaPhysAddress doesn't reveal any more records either, so I guess there's where the problem lies.
Erik Weber wrote:
Morten Brekkevold wrote:
On Fri, 20 Feb 2009 09:22:34 +0100 Erik Weber twiztar@gmail.com wrote:
They have 80-96 snmpoids each, and they all seem to have ipNetToMediaPhysAddress
Could try to verify that there are any ARP entries recorded at all, using psql:
sudo -u postgres psql nav
then in psql:
SELECT * FROM arp;
The sysname column documents which router the record was pulled from.
There's records there, but not those I wanted. Snmpwalking IP-MIB::ipNetToMediaPhysAddress doesn't reveal any more records either, so I guess there's where the problem lies.
I might have a flaw, these are primarily used as layer 2 switches and doesn't actually do any routing or other fancy stuff, I guess that's why there's no IP to ARP records on them..
I don't know if I read this whole thing wrong, but I hope you're not missing out on something quite fundamental for IP searching to work.
NAV depends on having typically your routers or core switches added in order to be able to search for IPs. Typically your L2 switches does not contain any client ARP tables as your client VLAN normally is being routed on your core switch (or router, depending on your routing setup ofcourse) In short terms, you will need to have whatever is holding/routing your client VLAN added in NAV in order to see your clients IP addresses.
For example, lets say you get your guest VLAN delivered on L2 from another provider - you will never be able to search for the guest VLANs IPs as the CAM/ARP table is being held by your providers router/switch.
If your network is typically flat (with no VLANs or routing) - there is no link between your MAC addresses and IP addresses.
I hope that makes sense, and is somewhat helpful :)
Have a great weekend everyone!
------------------------------------------------------ Vidar Stokkenes Networking Consulant Networking and telecom Department Helse Nord IKT
Tlf: 76 16 61 87 / 77 66 99 55 Cell: 95 87 99 42 e-mail: vidar.stokkenes@hn-ikt.no
Before printing, think about the environment
-----Original Message----- From: Erik Weber [mailto:twiztar@gmail.com] Sent: 20. februar 2009 16:11 To: Morten Brekkevold Cc: nav-users@uninett.no Subject: Re: Seaching for IP/MAC-address
Erik Weber wrote:
Morten Brekkevold wrote:
On Fri, 20 Feb 2009 09:22:34 +0100 Erik Weber twiztar@gmail.com wrote:
They have 80-96 snmpoids each, and they all seem to have ipNetToMediaPhysAddress
Could try to verify that there are any ARP entries recorded at all, using psql:
sudo -u postgres psql nav
then in psql:
SELECT * FROM arp;
The sysname column documents which router the record was pulled from.
There's records there, but not those I wanted. Snmpwalking IP-MIB::ipNetToMediaPhysAddress doesn't reveal any more records either, so I guess there's where the problem lies.
I might have a flaw, these are primarily used as layer 2 switches and doesn't actually do any routing or other fancy stuff, I guess that's why there's no IP to ARP records on them..
-- Erik
On Fri, 20 Feb 2009 16:11:13 +0100 Erik Weber twiztar@gmail.com wrote:
I might have a flaw, these are primarily used as layer 2 switches and doesn't actually do any routing or other fancy stuff, I guess that's why there's no IP to ARP records on them..
That would explain your lack of records, yes. As Vidar Stokkenes said, you need to monitor an actual router that routes the VLANs you wish to track machines on.
Feel free to criticize our documentation (or lack thereof) if this isn't made obvious somewhere :)
Morten Brekkevold wrote:
On Fri, 20 Feb 2009 16:11:13 +0100 Erik Weber twiztar@gmail.com wrote:
I might have a flaw, these are primarily used as layer 2 switches and doesn't actually do any routing or other fancy stuff, I guess that's why there's no IP to ARP records on them..
That would explain your lack of records, yes. As Vidar Stokkenes said, you need to monitor an actual router that routes the VLANs you wish to track machines on.
Feel free to criticize our documentation (or lack thereof) if this isn't made obvious somewhere :)
No, it's my mistake, I was certain that those boxes actually had that kind of information. I'm working on getting access to the necessary routers :-)
Morten Brekkevold wrote:
On Thu, 19 Feb 2009 15:04:18 +0100 Erik Weber twiztar@gmail.com wrote:
I've just installed NAV locally to get the Machine Tracker, however, I can only search for ip addresses when checking the Inactive field. Results doesn't contain the MAC address either.. Any idea why this is happening? We're running cisco layer 2/3 switches (added as GSW equipment).
What version of NAV is this? What Cisco switches are you using? What are the numbers of compatible SNMP-OIDs in the IP Device Report's snmp-column for these devices? Are you able to find any CAM entries at all when performing a switch search for one of your switches (when omitting module/interface from the search)?
It just struck me, I'm not actually sure that what I'm trying to do is possible, so could anyone clarify that first before I continue to troubleshoot?
What I'm trying to do, is to search for a client or end point IP, e.g the IP associated with a connected MAC address, and not the equipment monitored by NAV itself. Much like that MAC searching utility, but for IP addresses.
On Fri, 20 Feb 2009 13:20:18 +0100 Erik Weber twiztar@gmail.com wrote:
What I'm trying to do, is to search for a client or end point IP, e.g the IP associated with a connected MAC address, and not the equipment monitored by NAV itself. Much like that MAC searching utility, but for IP addresses.
The Machine Tracker is for tracking client machines, using data collected from the devices monitored by NAV, so apparently you are using it correctly.
-
Erik Weber -
Morten Brekkevold -
Stokkenes Vidar