NeDi Community
NeDi Software Specific => Discovery => Topic started by: moeb1980 on May 08, 2018, 02:20:06 pm
-
Hello, since I have a transparent firewall I set the "useivl" parameter. For all the devices in the vlan I set for the "useivl" parameter, Nedi add the vlan at the end of the mac address and because of that I can't have the IP of the devices. Is this the normal behaviour or I have another parameter to set So I can get the ip ?
I joint an exemple.
Sorry for my bad english :-[
-
IVL should not prevent IP asignments (unless I made a mistake)...
However do you really need IVL? It's usually required if you have different nodes with the same MAC address in different Vlans...
-
Hello, I used IVL because I have the same mac on 2 vlan because of the transparent firewall. Without using IVL the computers behind the firewall were not added in the Nodes menu. For an unknown reason (I guess that the vlan number is smaller), Nedi took the other vlan and does not create the node.
-
Ok, I see your idea behind it. However IVL is intended to keep the same MAC of different hosts apart. Technically you still have the same hosts...
Do the nodes appear, where they're actually connected? If it's on the connection to the FW, you could add a static link with Topology-Linked to avoid that...
-
Hello, the nodes does not appear where it is connected on the switch. It does not appear at all. The IP and the mac appears in the table nodarp though. Here is what I thing happen in the discovery:
Let's say the user vlan is 500 and the transparent firewall vlan is 505.
1- Nedi scans the router and get the arp table. Only for the vlan 505 there is an IP.
2- Nedi scans the user switch and discover the node on the interface (The mac address).
3- Nedi gets the mac address table on the user switch. and the mac address appear twice. the first time for the vlan 500 and the second time for the vlan 505.
4- Because the first time Nedi matches the mac address for the vlan 500 and there is no arp for the vlan 500 (only for 505) Nedi does not create the node in the table.
I will take a look for the static link.
-
ARP entries are matched to MAC no matter the Vlan. Try nedi.pl -v and look for lines beginning with FWD. If you see an M or D at the end of the line, it means the MAC was found on an uplink. Therefore it won't be added as node. Do you see lines without M or D?
-
Hello, sorry for the delay.
Here is the result with the verbose option.
Vlan 500 ->user vlan where the node is.
Vlan 505 ->transparent firewall vlan. The node talks to another node on than vlan so it appears in the mac address table on both vlan.
On the ARP table of the router there is only an ip for the vlan 500.
I kept all the verbose if you want more detail.
-------------------------------------------------------
CMDR:show mac address-table | e CPU|Switch|Router|/.*, result is OK
FWDC:001f2903c12d on Gi4/0/27 Vl500 1G-FD 1
FWDC:001f2903c12d on Po1 Vl505 2G-- 1123 M
--------------------------------------------------------------------
-
This line means, it was found on an access port:
FWDC:001f2903c12d on Gi4/0/27 Vl500 1G-FD 1
So, in Nodes-List you should see that node connected on Gi4/0/27, right? grep the whole output for that MAC address, if not to see how far it comes...
-
No actually it does add the node to the database if I don't use the "useivl" parameter. It is like Nedi keep only the last line which has the other vlan for the same MAC.
I can completely reset the database and retry without the "useivl" again to see if it was just a glitch.