Welcome, Guest. Please login or register.

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - tristanbob

Pages: [1] 2 3
1
We love being able to view a network device in Nedi and see how long each of the ports have been in their current state.   This lets us find ports that have been down for over a year so that we know that we can reuse these ports.  However, we are starting to find some models of switches do not have anything in this field, just a "-".

I assume this must be caused by a missing or wrong entry in the .DEF file.   Which one is it? 

Thanks!

Tristan

2
Installation / Missing dependencies on "Install" instructions for Ubuntu
« on: September 16, 2016, 07:55:22 PM »
I recently used the Ubuntu instructions here:

http://www.nedi.ch/installation/

Nedi was working fine for the most part, but then I tried to initiate a backup using the web-interface.

https://nedi.mydomain.com/System-NeDi.php

That page caused Nedi to complain about some missing Perl modules.   I fixed it by installing these packages:

libdbi-perl
libdbd-mysql-perl

3
I noticed my Nodes feature has been getting slower and slower, so I checked on the quantity of nodes:

New    2,171
Active    4,525,308
Wlan    4,796,687
IP Change    1,063,297
IF Change    15,805,663
No Name    18,231
No IP    16,408
Discover Once    167,450

Total    24,563,767

There is no way there are that many nodes on our network! And these numbers keep growing.  My theory is that Nedi is creating a new Node entry any time there is a unique "DNS name + IP + MAC" combo.  On our wireless, we have 15 min DHCP leases so users could be seen on hundreds of different IPs.

I searched for one node with DNS name of "amelia-pond", and it came up with the 527 results.  The DNS name name was always the same, but the MAC address (including vendors) and IPs varied a lot. 

I am running Nedi version 1.5.225.  We didn't have this explosive growth problem with previous versions.

Cheers!

Tristan



4
Discovery / SSH discovery fails if keys change... but I have a solution!
« on: January 21, 2015, 07:31:42 PM »
I keep seeing several email alerts from Nedi 1.4 that say this:

22) blg-100-sw1 CLI Bridge Fwd error: no working user

I found out that this is because SSH is warning that the key is different from the one in "~/.ssh/known_hosts"

Current:

ssh -o 'StrictHostKeyChecking no' -l nedi 10.1.6.1

Fixed:

ssh -o 'UserKnownHostsFile /dev/null' -o 'StrictHostKeyChecking no' -l nedi 10.1.6.1

Please add this change to Nedi so that it can still find devices with changed SSH keys!

/inc/libcli.pm, line 518 on Nedi 1.4
              my $known = "-o 'UserKnownHostsFile /dev/null' -o 'StrictHostKeyChecking no'";


Tristan

5
GUI / Creating amazingly cool network maps with Nedi!
« on: January 13, 2015, 07:36:03 PM »
I have been having the time of my life playing with the new mapping capabilities inside Nedi.  I think many people don't understand how powerful they are, since it requires some tweaking to get results.

Here are some pointers to get you started:

Filter: (Used to restrict which devices are drawn on the map)

Here are some examples:

Device != ap   
(Hundreds of wireless access points (AP) can make a campus map too crowded, so don't display them.  This requires that you use "ap" in the name of your APs.)

Device = buildingname
(Great for getting a view of devices in one area)

Size and Format

I like to choose the biggest size that fits on my screen, which is currently "1920x1200".  If you want to use a custom size, you can manually edit the part of the URL for this.  For example: "&dim=1920x1920".

"SVG" format is great for a static map, that can be zoomed into using the browser's built in zoom function.

"JSON" is a REALLY fun output that is dynamic and interactive.  You will see the nodes bounce about trying to find the optimal design, and you can click and drag on nodes to make them move.

Map Type

We do not use customized SNMP location strings, so the only useful option for us here is "Devices" and "Flat".

Connection End

I can't figure out what "Connection" setting does, it doesn't seem to affect anything.  I do know that "Metric" is used to specify how spread apart the map will be.  Low numbers will make devices bunch up, and big numbers will spread everything apart.   (Note: These settings are ONLY used with the JSON format.)

Connection format

You can play with these, but I like the "Arc" and "Straight" lines the best.  "Length" is another setting used to specify how spread apart the map will be.  (Note: This setting does NOT have any affect when using the JSON format.)

Connection Information

This will add information about the links, such as link type (100 Mbps/1 Gbps/10Gbps) and link usage as percentage of the total link capacity.  (Note: This setting does NOT have any affect when using the JSON format.)

Node Configuration

This is probably my favorite feature of this tool.  I like to select "CPU Load" or "Tempurature".  This colors the devices based on the values of those sensors.  For example, Red devices have High CPU or High Temp.  "Image Large" can be used to show your manager what devices are on your network.   

Conclusion

Those are all the settings I use.  What settings do you use?









6
Database / monthly DB cleanup?
« on: January 13, 2015, 03:51:39 PM »
I saw this entry in the example crontab with 1.4:

# monthly DB cleanup on the 1st at 1:00 with output in /tmp
#0 1 1 * *      /var/nedi/contrib/nedio_db_maintenance.sh /var/nedi/nedi.conf /tmp/nedi-dbcleanup

However, the 1.4 tar file didn't include the contrib directory, so I can't see what this script does.  Anyone know what this is?

Tristan


7
tristanrhodes@nedi:/opt/nedi$ ./nedi.pl -vpr

****** TRUNCATED OUTPUT *******

FWDC:000ffee62808 on Gi1/20     Vl999   1G-FD
FWDC:10604b70c201 on Gi1/26     Vl999   1G-FD
FWDC:d4ca6ddaeb5f on Gi2/32     Vl999   1G-FD
FWDC:00152cfa9f80 on Po51       Vl      2G--
FWDC:0 bridge forwarding entries found

Write Nodes ------------------------------------------------------------------
EVNT:MOD=F/1 L=100 CL=secn TGT=d-9-gw1 MSG=Node b0faeb8885ec appeared on Po3 Vl100
EVNT:MOD=F/1 L=100 CL=secn TGT=d-9-gw1 MSG=Node 7cad748993c0 appeared on Po3 Vl900
EVNT:MOD=F/1 L=100 CL=secn TGT=d-9-gw1 MSG=Node 7cad748986ff appeared on Po2 Vl900
EVNT:MOD=F/1 L=100 CL=secn TGT=d-9-gw1 MSG=Node 7cad74898480 appeared on Po5 Vl900
EVNT:MOD=F/1 L=100 CL=secn TGT=d-9-gw1 MSG=Node 4403a7a31d0e appeared on Gi1/21 Vl100
EVNT:MOD=F/1 L=100 CL=secn TGT=d-9-gw1 MSG=Node 34dbfd48f6c1 appeared on Po52 Vl900
EVNT:MOD=F/1 L=100 CL=secn TGT=d-9-gw1 MSG=Node b0faeb888ca0 appeared on Po4 Vl100
EVNT:MOD=F/1 L=100 CL=secn TGT=d-9-gw1 MSG=Node 4c4e35c733e8 appeared on Po1 Vl100
EVNT:MOD=F/1 L=100 CL=secn TGT=d-9-gw1 MSG=Node 7cad748993ff appeared on Po3 Vl900
EVNT:MOD=F/1 L=100 CL=secn TGT=d-9-gw1 MSG=Node 4c4e35c733a7 appeared on Po2 Vl900
EVNT:MOD=F/1 L=100 CL=secn TGT=d-9-gw1 MSG=Node 7cad74899340 appeared on Po4 Vl900
EVNT:MOD=F/1 L=100 CL=secn TGT=d-9-gw1 MSG=Node b0faeb888d41 appeared on Po4 Vl100
EVNT:MOD=F/1 L=100 CL=secn TGT=d-9-gw1 MSG=Node 7cad748986c0 appeared on Po2 Vl900
EVNT:MOD=F/1 L=100 CL=secn TGT=d-9-gw1 MSG=Node 7cad7418966d appeared on Po5 Vl900
EVNT:MOD=F/1 L=100 CL=secn TGT=d-9-gw1 MSG=Node 7cad748984bf appeared on Po5 Vl900
DBD::mysql::db do failed: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'ifchanges=2,metric='HHH',noduser='' WHERE mac='00152cfa9f80'' at line 1 at ./inc/libdb.pm line 1902.
DBD::mysql::db do failed: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'ifchanges=2,metric='HHH',noduser='' WHERE mac='00152cfa9f80'' at line 1 at ./inc/libdb.pm line 1902.
tristanrhodes@nedi:/opt/nedi$

Not sure what happened, but it might be related to us manually importing node information from an older version of Nedi.  This is the format we used (we left out a field called "metric" because it didn't match between versions):

INSERT INTO `nodes` (`mac`, `oui`, `firstseen`, `lastseen`, `device`, `ifname`, `vlanid`, `ifupdate`, `ifchanges`) VALUES
('000000000001', 'XEROX CORPORATION', 1389906901, 1392938101, 'te-dc-dellblade-sw1', 'Po1', 10, 1392938101, 1),

8
Installation / Database error when initializing Nedi 1.0.9 on MySQL 5.5.38
« on: December 20, 2014, 01:30:44 AM »
Code: [Select]
tristanrhodes@nedi:/opt/nedi$ sudo ./nedi.pl -i

Initialize NeDi DB!!!
------------------------------------------------------------------------
mysql admin user: root
mysql admin pass: NotMyRealPassword
NeDi host (where the discovery runs on: mysql.mgmt.domain.com
DB Version      : 5.5.38-0ubuntu0.12.04.1-log
----------------------------------------------------------------------
DBD::mysql::db do failed: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '-109' at line 1 at ./inc/libdb.pm line 132, <STDIN> line 3.
DBD::mysql::db do failed: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '-109' at line 1 at ./inc/libdb.pm line 132, <STDIN> line 3.
tristanrhodes@nedi:/opt/nedi$ sudo ./nedi.pl
DBI connect('dbname=nedi-109;host=mysql.mgmt.domain.com','nedi',...) failed: Access denied for user 'nedi'@'nedi.domain.com' to database 'nedi-109' at ./inc/libdb.pm line 46

Here are my relavent settings:

Code: [Select]
# Choose backend (mysql or Pg)
backend         mysql

# DB params
dbname          nedi-109
dbuser          nedi
dbpass          DatabaseUserPassword
dbhost          mysql.mgmt.domain.com

9
GUI / Nedi integration with Observium?
« on: December 14, 2014, 12:24:15 AM »
As a 10-year user of Nedi, I have loved the amazing features that we get for free.  These include:

 
  • automated discovery of network devices by crawling the CDP/LLDP network
  • sending bulk commands to devices
  • backing up device configs
  • automatic network maps
  • inventory reporting (models, software, port utilization)
  • IPAM (networks, IPs, routes being used)
  • email alerts on high CPU, low memory, config changes
  • real-time traffic graphs on swithports
  • tracking computers (nodes) by DNS, IP address, MAC address, vendor, open ports (NMAP)

One area that Nedi has not been successful for us is monitoring interfaces on a short time-frame (5 mins).  This is mainly because Nedi takes over an hour for our discovery to complete.  Therefore, we have been using Cacti for years to provide performance monitoring.  The downside is that Cacti does not have auto-discovery, so we manually added a subset of our devices using their basic template for switches.  Nedi has basic integration with Cacti (I think by linking to the graphic generated by Cacti) but we don't use this feature.

However, a few months ago we started testing Observium to see what it can do.

Here is what Observium does very well:

  • automated discovery of network devices by crawling the CDP/LLDP network
  • polling and graphing of every component in the device
  • capable of 5-minute polling of hundreds of devices using multiple threads
  • alerting based on device availability and performance thresholds (paid subscription only)

Observium does collect basic information about end nodes (ARP table, MAC address table) but this information is hard to search, and it show every port that a MAC address was seen on, including uplinks and trunks.

My question is whether it makes sense to take the best of both Nedi and Observium, similar to the current Cacti integration, so that Observium graphs can be seen in Nedi?  (This may not work the same as Cacti, because I don't know the details)

Here is the URL of an interface graph in Observium:
https://observium.domain.com/graph.php?type=port_bits&to=1418429035&id=8883&from=1418342635&height=300&width=1159

Cheers,

Tristan






 

10
Discovery / How does Nedi you determine the final location of node?
« on: September 11, 2014, 05:51:05 PM »
I am curious how Nedi determines the final location of a node. 

If you only queried the MAC tables, you would see the MAC address on a lot of interfaces. 

Do you simply "rule-out" interfaces that are known to be neighbors of other network devices? 

And thus you are only left with the interface that face the end node?

11
This list is entirely based on the contents of .def files in /nedi/sysobj.  I couldn't find this information anywhere else and I want Google to find it.

1.3.6.1.4.1.9.1.394.def:Type    12410PRP
1.3.6.1.4.1.2356.500.4.18212.def:Type   1822n
1.3.6.1.4.1.45.3.72.2.def:Type  2526T-PWR
1.3.6.1.4.1.45.3.61.1.def:Type  325-24T
1.3.6.1.4.1.45.3.30.2.def:Type  350-24T
1.3.6.1.4.1.45.3.30.1.def:Type  350F-HD
1.3.6.1.4.1.43.1.8.63.def:Type  3Com-2924-PWR
1.3.6.1.4.1.43.1.16.4.3.23.def:Type     3Com-4500G-PWR26
1.3.6.1.4.1.43.1.16.4.3.24.def:Type     3Com-4500-PWR50
1.3.6.1.4.1.43.1.16.4.3.36.def:Type     3Com-4800G-PWR-24
1.3.6.1.4.1.43.1.16.4.3.37.def:Type     3Com-4800G-PWR48
1.3.6.1.4.1.43.1.16.4.3.18.def:Type     3Com-5500G-EI-24
1.3.6.1.4.1.43.1.16.4.3.7.def:Type      3Com-5500G-EI-24
1.3.6.1.4.1.43.1.16.4.3.15.def:Type     3Com-5500G-EI 48
1.3.6.1.4.1.43.1.21.11.def:Type 3Com-NJ2000
1.3.6.1.4.1.43.1.8.64.def:Type  3Com-Officeconnect
1.3.6.1.4.1.43.1.16.4.3.31.def:Type     3Com-S4500G-48
1.3.6.1.4.1.43.1.16.4.3.13.def:Type     3Com-S5500-28-EI
1.3.6.1.4.1.43.1.16.4.3.13o.def:Type    3Com-S5500-28-EI
1.3.6.1.4.1.43.1.8.44.def:Type  3Com-SS3-3870-48
1.3.6.1.4.1.43.1.16.4.3.22.def:Type     3Com SS3-4500-50
1.3.6.1.4.1.43.10.27.4.1.2.2.def:Type   3Com-SuperStack3-3300
1.3.6.1.4.1.43.10.27.4.1.2.4.def:Type   3Com-SuperStack3-4400-24PWR
1.3.6.1.4.1.45.3.36.1.def:Type  410-24T
1.3.6.1.4.1.45.3.43.1.def:Type  420-24T
1.3.6.1.4.1.45.3.57.2.def:Type  425-24T
1.3.6.1.4.1.45.3.35.1.def:Type  450-24T
1.3.6.1.4.1.45.3.71.4.def:Type  4550T-PWR
1.3.6.1.4.1.45.3.54.1.def:Type  470-24T
1.3.6.1.4.1.45.3.46.1.def:Type  470-48T
1.3.6.1.4.1.45.3.64.1.def:Type  470-48T-PWR
1.3.6.1.4.1.45.3.59.1.def:Type  5520-24T-PWR
1.3.6.1.4.1.10418.3.1.5.def:Type        A1000R
1.3.6.1.4.1.9.1.1231.def:Type   ACE10-6500-K9
1.3.6.1.4.1.9.1.1291.def:Type   ACE10-6500-K9
1.3.6.1.4.1.9.1.730.def:Type    ACE10-6500-K9
1.3.6.1.4.1.5468.1.4.def:Type   Actelis-ml624
1.3.6.1.4.1.9.1.507.def:Type    AIR-AP1100
1.3.6.1.4.1.9.1.618.def:Type    AIR-AP1131AG-E-K9
1.3.6.1.4.1.9.1.474.def:Type    AIR-AP1220
1.3.6.1.4.1.9.1.525.def:Type    AIR-AP1230
1.3.6.1.4.1.9.1.685.def:Type    AIR-AP1240
1.3.6.1.4.1.9.1.758.def:Type    AIR-AP1252
1.3.6.1.4.1.9.1.552.def:Type    AIR-AP350
1.3.6.1.4.1.9.1.565.def:Type    AIR-BR1310
1.3.6.1.4.1.9.1.533.def:Type    AIR-BR1410
1.3.6.1.4.1.9.1.1069.def:Type   AIR-CT5508
1.3.6.1.4.1.9.1.1659.def:Type   AIR-SAP2602E-E-K9
1.3.6.1.4.1.9.1.828.def:Type    AIR-WLC2112-K9
1.3.6.1.4.1.14179.1.1.4.3.def:Type      AIR-WLC4404-100-K9
1.3.6.1.4.1.3854.1.2.2.1.1.def:Type     akcp-HHMSS
1.3.6.1.4.1.3854.1.def:Type     AKCP-SP2
1.3.6.1.4.1.1872.1.13.2.3.def:Type      Alteon-3408E
1.3.6.1.4.1.2925.4.def:Type     AlterPath_ACS
1.3.6.1.4.1.6486.800.1.1.2.1.10.1.1.def:Type    ALU-OS6400-24
1.3.6.1.4.1.6486.800.1.1.2.1.10.1.5.def:Type    ALU-OS6400-48
1.3.6.1.4.1.6486.800.1.1.2.1.10.1.3.def:Type    ALU-OS6400-U24
1.3.6.1.4.1.6486.800.1.1.2.1.12.1.1.def:Type    ALU-OS6450-10
1.3.6.1.4.1.6486.800.1.1.2.1.12.1.5.def:Type    ALU-OS6450-24
1.3.6.1.4.1.6486.800.1.1.2.1.7.1.47.def:Type    ALU-OS6850E-24X
1.3.6.1.4.1.6486.800.1.1.2.1.9.1.1.def:Type     ALU-OS6855-14
1.3.6.1.4.1.32620.1.1.def:Type  Anue 5236
1.3.6.1.4.1.4935.1.3.def:Type   AP1120
1.3.6.1.4.1.318.1.3.11.def:Type APC AP7721
1.3.6.1.4.1.318.1.3.2.7.def:Type        APC SmartUPS1500
1.3.6.1.4.1.318.1.3.2.12.def:Type       APC SmartUPS3000
1.3.6.1.4.1.318.1.3.2.18.def:Type       APC SmartUPS5000
1.3.6.1.4.1.14823.1.1.13.def:Type       Aruba3200
1.3.6.1.4.1.14823.1.1.15.def:Type       Aruba3400
1.3.6.1.4.1.14823.1.1.19.def:Type       Aruba650
1.3.6.1.4.1.9.1.745.def:Type    ASA5505
1.3.6.1.4.1.9.1.669.def:Type    ASA5510
1.3.6.1.4.1.9.1.670.def:Type    ASA5520
1.3.6.1.4.1.9.1.753.def:Type    ASA5550
1.3.6.1.4.1.9.1.915.def:Type    ASA5580
1.3.6.1.4.1.2272.30.def:Type    Avaya ERS8610
1.3.6.1.4.1.3417.1.3.7.def:Type BC-AV1200
1.3.6.1.4.1.3417.1.1.27.def:Type        BC-SG510-ProxySG
1.3.6.1.4.1.1991.1.1.def:Type   Bigiron
1.3.6.1.4.1.1991.1.3.7.2.def:Type       BigIron8000
1.3.6.1.4.1.3417.1.1.32.def:Type        BlueCoat SG 300
1.3.6.1.4.1.3417.1.1.25.def:Type        BlueCoat SG 810
1.3.6.1.4.1.9967.100.1100.1.def:Type    bluesocket
1.3.6.1.4.1.9967.100.2100.1.def:Type    bluesocket
1.3.6.1.4.1.26543.1.18.5.def:Type       BNT110Gb
1.3.6.1.4.1.26543.1.18.4.def:Type       BNT6p10Gb
1.3.6.1.4.1.1872.1.18.1.def:Type        BNT Layer 23 Copper
1.3.6.1.4.1.1991.1.3.48.2.1.def:Type    Brocade-FCX624
1.3.6.1.4.1.9.1.25.def:Type     C2500-DS40-L
1.3.6.1.4.1.9.1.448.def:Type    Cat4006
1.3.6.1.4.1.9.1.503.def:Type    Cat4503
1.3.6.1.4.1.9.1.874.def:Type    Cat4503-E
1.3.6.1.4.1.9.1.501.def:Type    Cat4507
1.3.6.1.4.1.9.1.221.def:Type    catalyst2912MfXL
1.3.6.1.4.1.9.1.219.def:Type    catalyst2912XL
1.3.6.1.4.1.9.1.218.def:Type    catalyst2924CXLv
1.3.6.1.4.1.9.1.220.def:Type    catalyst2924MXL
1.3.6.1.4.1.9.1.217.def:Type    catalyst2924XLv
1.3.6.1.4.1.9.1.695.def:Type    Catalyst-2960-48
1.3.6.1.4.1.9.1.301.def:Type    catalyst6kMsfc2
1.3.6.1.4.1.9.1.202.def:Type    catalyst8540msr
1.3.6.1.4.1.9.1.748.def:Type    CBS3020-HPQ
1.3.6.1.4.1.9.1.920alt.def:Type CBS31X0
1.3.6.1.4.1.9.1.726.def:Type    CE500
1.3.6.1.4.1.9.1.505.def:Type    ce510
1.3.6.1.4.1.311.1.1.3.1.2.def:Type      CER
1.3.6.1.4.1.2281.1.4.def:Type   Ceragon FibeAir 1500P
1.3.6.1.4.1.11.2.3.7.11.33.3.1.1.def:Type       CGESM
1.3.6.1.4.1.6141.1.81.def:Type  Ciena-
1.3.6.1.4.1.6141.1.83.def:Type  Ciena-
1.3.6.1.4.1.6141.1.84.def:Type  Ciena-
1.3.6.1.4.1.6141.1.77.def:Type  Ciena-CN
1.3.6.1.4.1.6141.1.79.def:Type  Ciena-Cn3940
1.3.6.1.4.1.6141.1.71.def:Type  Ciena-Le310
1.3.6.1.4.1.6141.1.47.def:Type  Ciena-Le311
1.3.6.1.4.1.6141.1.70.def:Type  Ciena-Le311v
1.3.6.1.4.1.9.1.113.def:Type    cisco1601
1.3.6.1.4.1.9.1.172.def:Type    cisco1605
1.3.6.1.4.1.9.1.444.def:Type    cisco1700
1.3.6.1.4.1.9.1.539.def:Type    cisco1700
1.3.6.1.4.1.9.1.201.def:Type    cisco1720
1.3.6.1.4.1.9.1.326.def:Type    cisco1751
1.3.6.1.4.1.9.1.416.def:Type    cisco1760
1.3.6.1.4.1.9.1.639.def:Type    Cisco-1802
1.3.6.1.4.1.9.1.640.def:Type    Cisco-1803
1.3.6.1.4.1.9.1.642.def:Type    Cisco-1812W
1.3.6.1.4.1.9.1.620.def:Type    cisco1841
1.3.6.1.4.1.9.1.19.def:Type     cisco2503
1.3.6.1.4.1.9.1.27.def:Type     cisco2511
1.3.6.1.4.1.9.1.30.def:Type     cisco2514
1.3.6.1.4.1.9.1.185.def:Type    cisco2610
1.3.6.1.4.1.9.1.466.def:Type    cisco2610XM
1.3.6.1.4.1.9.1.186.def:Type    cisco2611
1.3.6.1.4.1.9.1.467.def:Type    cisco2611XM
1.3.6.1.4.1.9.1.187.def:Type    cisco2612
1.3.6.1.4.1.9.1.208.def:Type    cisco2620
1.3.6.1.4.1.9.1.209.def:Type    cisco2621
1.3.6.1.4.1.9.1.468.def:Type    cisco2621XM
1.3.6.1.4.1.9.1.469.def:Type    cisco2621XM
1.3.6.1.4.1.9.1.319.def:Type    cisco2650
1.3.6.1.4.1.9.1.471.def:Type    cisco2651XM
1.3.6.1.4.1.9.1.413.def:Type    cisco2691
1.3.6.1.4.1.9.1.619.def:Type    cisco2801
1.3.6.1.4.1.9.1.576.def:Type    Cisco-2811
1.3.6.1.4.1.9.1.577alt.def:Type Cisco-2821
1.3.6.1.4.1.9.1.577.def:Type    Cisco-2821
1.3.6.1.4.1.9.1.578.def:Type    cisco2851
1.3.6.1.4.1.9.1.1045.def:Type   Cisco-2911
1.3.6.1.4.1.9.1.122.def:Type    Cisco-3620
1.3.6.1.4.1.9.1.110.def:Type    Cisco-3640
1.3.6.1.4.1.9.1.340.def:Type    Cisco-3662Ac
1.3.6.1.4.1.9.1.414.def:Type    cisco3725
1.3.6.1.4.1.9.1.436.def:Type    cisco3745
1.3.6.1.4.1.9.1.543.def:Type    cisco3825
1.3.6.1.4.1.9.1.544.def:Type    cisco3845
1.3.6.1.4.1.9.1.14.def:Type     cisco4500
1.3.6.1.4.1.9.1.821.def:Type    Cisco7201
1.3.6.1.4.1.9.1.125.def:Type    cisco7204
1.3.6.1.4.1.9.1.223.def:Type    cisco7204VXR
1.3.6.1.4.1.9.1.108.def:Type    cisco7206
1.3.6.1.4.1.9.1.222.def:Type    cisco7206VXR
1.3.6.1.4.1.9.1.658.def:Type    CISCO7604
1.3.6.1.4.1.9.1.402.def:Type    CISCO7606
1.3.6.1.4.1.9.1.509.def:Type    cisco7609
1.3.6.1.4.1.9.1.214.def:Type    cisco803
1.3.6.1.4.1.9.1.497.def:Type    cisco831
1.3.6.1.4.1.9.1.499.def:Type    cisco836
1.3.6.1.4.1.9.1.834.def:Type    Cisco861
1.3.6.1.4.1.9.1.568.def:Type    cisco870
1.3.6.1.4.1.9.1.570.def:Type    cisco870
1.3.6.1.4.1.9.1.571.def:Type    Cisco871
1.3.6.1.4.1.9.1.1645.def:Type   Cisco AIR-CT5760
1.3.6.1.4.1.9.1.154.def:Type    ciscoAS2511-RJ
1.3.6.1.4.1.9.1.162.def:Type    ciscoAS5300
1.3.6.1.4.1.9.1.313.def:Type    ciscoAS5350
1.3.6.1.4.1.9.1.679.def:Type    ciscoAS5350XM
1.3.6.1.4.1.9.1.362.def:Type    ciscoIAD2420
1.3.6.1.4.1.9.1.663.def:Type    ciscoNme16Es1Ge
1.3.6.1.4.1.9.1.592.def:Type    ciscoOS-CIGESM-18TT-EBU
1.3.6.1.4.1.9.1.949.def:Type    cisco WS-CBS3130
1.3.6.1.4.1.9.1.168.def:Type    ciscoWSX5302
1.3.6.1.2.1.47.1.1.1.1.13.1.def:Type    CSACS-1121-K9
1.3.6.1.4.1.2467.4.5.def:Type   CSS
1.3.6.1.4.1.9.9.368.4.5.def:Type        CSS11503
1.3.6.1.4.1.171.10.75.4.def:Type        D-LinkDES-1252
1.3.6.1.4.1.9.12.3.1.3.606.def:Type     DS-HP-FC-K9
1.3.6.1.4.1.10418.7.1.9.def:Type        DSR1020
1.3.6.1.4.1.10418.7.1.22.def:Type       DSR2035
1.3.6.1.4.1.1991.1.5.1.1.4.2.1.def:Type EIF2402CF
1.3.6.1.4.1.1991.1.5.1.1.4.3.1.def:Type EIF4802CF
1.3.6.1.4.1.5624.2.1.87.def:Type        Enterasys A-Series
1.3.6.1.4.1.5624.2.1.96.def:Type        Enterasys C3G124-24
1.3.6.1.4.1.5624.2.1.83.def:Type        Enterasys Chassis
1.3.6.1.4.1.45.3.65.def:Type    ERS5530-24TFD
1.3.6.1.4.1.2636.1.1.1.2.43.def:Type    EX2200
1.3.6.1.4.1.3375.2.1.3.4.20.def:Type    F5 BigIP 1600
1.3.6.1.4.1.1991.1.3.25.2.def:Type      FES2402
1.3.6.1.4.1.1991.1.3.26.1.def:Type      FES4802Switch
1.3.6.1.4.1.1991.1.3.1.1.def:Type       FESX424
1.3.6.1.4.1.1991.1.3.34.1.1.1.1.def:Type        FESX424
1.3.6.1.4.1.1991.1.3.34.1.1.1.2.def:Type        FESX424
1.3.6.1.4.1.1991.1.3.34.2.1.1.2.def:Type        FESX448
1.3.6.1.4.1.1991.1.3.34.2.1.2.2.def:Type        FESX448
1.3.6.1.4.1.1991.1.3.34.8.1.2.2.def:Type        FESX624HF
1.3.6.1.4.1.1991.1.3.45.2.1.1.1.def:Type        FGS648P
1.3.6.1.4.1.12356.101.1.1004.def:Type   FGT_100D
1.3.6.1.4.1.12356.101.1.3002.def:Type   FGT_310B
1.3.6.1.4.1.12356.101.1.30401.def:Type  FGT_3140B
1.3.6.1.4.1.12356.60.def:Type   FGT60
1.3.6.1.4.1.12356.600.def:Type  FGT600
1.3.6.1.4.1.12356.8000.def:Type FGT800
1.3.6.1.4.1.1991.1.3.22.2.def:Type      FI400Router
1.3.6.1.4.1.1991.1.3.21.2.def:Type      FI4802-PREM
1.3.6.1.4.1.12356.102.1.8000.def:Type   FortiAnalyzer800
1.3.6.1.4.1.12356.101.1.12400.def:Type  Fortigate1240B
1.3.6.1.4.1.12356.101.1.2001.def:Type   Fortigate200A
1.3.6.1.4.1.12356.101.1.5001.def:Type   Fortigate500A
1.3.6.1.4.1.12356.5001.def:Type Fortigate500A
1.3.6.1.4.1.12356.101.1.502.def:Type    Fortigate50B
1.3.6.1.4.1.12356.101.1.8000.def:Type   Fortigate800
1.3.6.1.4.1.12325.1.1.2.1.1.def:Type    FreeBSD
1.3.6.1.4.1.94.1.21.2.1.144.def:Type    fw
1.3.6.1.4.1.1991.1.3.21.1.def:Type      FWS4802Switch
1.3.6.1.4.1.9.1.522.def:Type    FWSM
1.3.6.1.4.1.9.1.674.def:Type    FWSM
1.3.6.1.4.1.1991.1.3.35.2.1.1.1.def:Type        FWSX448
1.3.6.1.4.1.5205.2.18.def:Type  GS-2108C
1.3.6.1.4.1.5205.2.9.def:Type   GS-2124C
1.3.6.1.4.1.25506.11.1.86.def:Type      HP10504
1.3.6.1.4.1.25506.11.1.111.def:Type     HP12508
1.3.6.1.4.1.25506.1.392.def:Type        HP12518
1.3.6.1.4.1.11.2.3.7.11.65.def:Type     HP1800-24G
1.3.6.1.4.1.11.2.3.7.11.81.def:Type     HP1800-24G
1.3.6.1.4.1.11.2.3.7.11.66.def:Type     HP1800-8G
1.3.6.1.4.1.11.2.3.7.11.104.def:Type    HP1810-24G
1.3.6.1.4.1.25506.11.1.115.def:Type     HP1910
1.3.6.1.4.1.25506.11.1.116.def:Type     HP1910
1.3.6.1.4.1.11.2.3.7.11.61.def:Type     HP2510-24
1.3.6.1.4.1.11.2.3.7.11.90.def:Type     HP2510-24
1.3.6.1.4.1.11.2.3.7.11.89.def:Type     HP2510-48
1.3.6.1.4.1.11.2.3.7.11.88.def:Type     HP2510G-24
1.3.6.1.4.1.11.2.3.7.11.18.def:Type     HP2512
1.3.6.1.4.1.11.2.3.7.11.96.def:Type     HP2520-8G-PoE
1.3.6.1.4.1.11.2.3.7.11.94.def:Type     HP2520G-8-PoE
1.3.6.1.4.1.11.2.3.7.11.95.def:Type     HP2520G-8-PoE
1.3.6.1.4.1.11.2.3.7.11.97.def:Type     HP2520G-8-PoE
1.3.6.1.4.1.11.2.3.7.11.19.def:Type     HP2524
1.3.6.1.4.1.11.2.3.7.11.137.def:Type    HP2530-24G-PoE+
1.3.6.1.4.1.11.2.3.7.11.55.def:Type     HP2600-8-PWR
1.3.6.1.4.1.11.2.3.7.11.76.def:Type     HP2610-24
1.3.6.1.4.1.11.2.3.7.11.80.def:Type     HP2610-2412PWR
1.3.6.1.4.1.11.2.3.7.11.78.def:Type     HP2610-24-POE
1.3.6.1.4.1.11.2.3.7.11.77.def:Type     HP2610-48
1.3.6.1.4.1.11.2.3.7.11.79.def:Type     HP2610-48-POE
1.3.6.1.4.1.11.2.3.7.11.129.def:Type    HP2620-24
1.3.6.1.4.1.11.2.3.7.11.132.def:Type    HP2620-48
1.3.6.1.4.1.11.2.3.7.11.133.def:Type    HP2620-48PoEP
1.3.6.1.4.1.11.2.3.7.11.34.def:Type     HP2626
1.3.6.1.4.1.11.2.3.7.11.36.def:Type     HP2626
1.3.6.1.4.1.11.2.3.7.11.45.def:Type     HP2626
1.3.6.1.4.1.11.2.3.7.11.82.def:Type     HP2626
1.3.6.1.4.1.11.2.3.7.11.29.def:Type     HP2650
1.3.6.1.4.1.11.2.3.7.11.44.def:Type     HP2650
1.3.6.1.4.1.11.2.3.7.11.83.def:Type     HP2650
1.3.6.1.4.1.11.2.3.7.11.63.def:Type     HP2810-24G
1.3.6.1.4.1.11.2.3.7.11.64.def:Type     HP2810-48G
1.3.6.1.4.1.11.2.3.7.11.31.def:Type     HP2824
1.3.6.1.4.1.11.2.3.7.11.32.def:Type     HP2848
1.3.6.1.4.1.11.2.3.7.11.68.def:Type     HP2900-48G
1.3.6.1.4.1.11.2.3.7.11.86.def:Type     HP2910al-24G
1.3.6.1.4.1.11.2.3.7.11.84.def:Type     HP2910al-24G-PoE
1.3.6.1.4.1.11.2.3.7.11.85.def:Type     HP2910al-24G-PoE
1.3.6.1.4.1.11.2.3.7.11.87.def:Type     HP2910al-48G
1.3.6.1.4.1.25506.11.1.55.def:Type      HP3100-8
1.3.6.1.4.1.11.2.3.7.11.42.def:Type     HP3400yl-24G
1.3.6.1.4.1.11.2.3.7.11.114.def:Type    HP3500-24G-PoE
1.3.6.1.4.1.11.2.3.7.11.59.def:Type     HP3500-48G-PoE
1.3.6.1.4.1.11.2.3.7.11.115.def:Type    HP3500-48G-PoE+
1.3.6.1.4.1.11.2.3.7.11.58.def:Type     HP3500yl-24G-PoE
1.3.6.1.4.1.11.2.3.7.11.119.def:Type    HP3800-24G-PoEP-2SFP+
1.3.6.1.4.1.11.2.3.7.8.5.2.def:Type     HP3800S
1.3.6.1.4.1.11.2.3.7.11.9.def:Type      HP4000M
1.3.6.1.4.1.1588.2.1.1.32.def:Type      HP4100
1.3.6.1.4.1.11.2.3.7.11.56.def:Type     HP4204vl-48G
1.3.6.1.4.1.11.2.3.7.11.53.def:Type     HP4208vl
1.3.6.1.4.1.1588.2.1.1.1.def:Type       HP5100
1.3.6.1.4.1.25506.11.1.11.def:Type      HP5120-16G-SI
1.3.6.1.4.1.25506.1.515.def:Type        HP5120-24G-EI
1.3.6.1.4.1.25506.1.519.def:Type        HP5120-24G-EI-PWR
1.3.6.1.4.1.25506.11.1.35.def:Type      HP5120-24G-PoE+EI
1.3.6.1.4.1.25506.1.462.def:Type        HP5120-24G-SI
1.3.6.1.4.1.25506.1.516.def:Type        HP5120-48G-EI
1.3.6.1.4.1.25506.1.518.def:Type        HP5120-48G-EI
1.3.6.1.4.1.25506.1.520.def:Type        HP5120-48G-EI-PWR
1.3.6.1.4.1.11.2.3.7.11.20.def:Type     HP5304xl
1.3.6.1.4.1.11.2.3.7.11.17.def:Type     HP5308xl
1.3.6.1.4.1.11.2.3.7.11.50.def:Type     HP5406zl
1.3.6.1.4.1.11.2.3.7.11.51.def:Type     HP5412zl
1.3.6.1.4.1.25506.11.1.28.def:Type      HP5500-24G-SFP
1.3.6.1.4.1.25506.1.5.def:Type  HP5500-28F-EI
1.3.6.1.4.1.25506.1.1.def:Type  HP5500G-24G-EI
1.3.6.1.4.1.25506.1.334.def:Type        HP5800-24G
1.3.6.1.4.1.25506.1.335.def:Type        HP5800-48G
1.3.6.1.4.1.25506.1.338.def:Type        HP5800-48G-2Slot
1.3.6.1.4.1.25506.1.340.def:Type        HP5820-14XG
1.3.6.1.4.1.25506.11.1.23.def:Type      HP5820-24XG
1.3.6.1.4.1.25506.11.1.47.def:Type      HP5820-24XG
1.3.6.1.4.1.25506.1.341.def:Type        HP5820-24XG
1.3.6.1.4.1.25506.11.1.79.def:Type      HP5830AF-48G
1.3.6.1.4.1.25506.11.1.100.def:Type     HP5900AF-48XG-4QSFP+
1.3.6.1.4.1.25506.11.1.78.def:Type      HP5920AF-24XG
1.3.6.1.4.1.11.2.3.7.11.30.def:Type     HP6108
1.3.6.1.4.1.11.2.3.7.11.107.def:Type    HP6120XG
1.3.6.1.4.1.11.2.3.7.11.49.def:Type     HP6410cl-6XG
1.3.6.1.4.1.11.2.3.7.11.100.def:Type    HP6600-24G
1.3.6.1.4.1.11.2.3.7.11.101.def:Type    HP6600-24G-4XG
1.3.6.1.4.1.25506.11.2.22.def:Type      HP6608
1.3.6.1.4.1.25506.1.207.def:Type        HP7502
1.3.6.1.4.1.25506.1.208.def:Type        HP7503
1.3.6.1.4.1.25506.11.1.4.def:Type       HP7506
1.3.6.1.4.1.11.2.3.7.11.72.def:Type     HP8212zl
1.3.6.1.4.1.25506.1.186.def:Type        HP8805
1.3.6.1.4.1.25506.1.388.def:Type        HP9505
1.3.6.1.4.1.11.2.14.11.6.4.1.2.def:Type HPAP530WW
1.3.6.1.4.1.25506.1.239.def:Type        HPF1000-E
1.3.6.1.4.1.11.1.def:Type       HPJetdirect
1.3.6.1.4.1.11.2.3.9.1.def:Type HPJetdirect
1.3.6.1.4.1.8744.1.20.def:Type  HPMSM310
1.3.6.1.4.1.8744.1.16.def:Type  HPMSM313
1.3.6.1.4.1.8744.1.35.def:Type  HPMSM710
1.3.6.1.4.1.8744.1.56.def:Type  HPMSM720
1.3.6.1.4.1.8744.1.25.def:Type  HPMSM730
1.3.6.1.4.1.8744.1.27.def:Type  HPMSM750
1.3.6.1.4.1.8744.1.48.def:Type  HPMSM760
1.3.6.1.4.1.8744.1.47.def:Type  HPMSM765
1.3.6.1.4.1.25506.1.230.def:Type        HPMSR20-11
1.3.6.1.4.1.25506.1.232.def:Type        HPMSR20-11
1.3.6.1.4.1.25506.1.262.def:Type        HPMSR20-11
1.3.6.1.4.1.25506.1.231.def:Type        HPMSR20-13
1.3.6.1.4.1.25506.1.72.def:Type HPMSR30-20
1.3.6.1.4.1.25506.1.73.def:Type HPMSR30-20
1.3.6.1.4.1.25506.1.74.def:Type HPMSR30-40
1.3.6.1.4.1.25506.1.76.def:Type HPMSR50-40
1.3.6.1.4.1.11.2.3.7.11.73.def:Type     HPNAC800
1.3.6.1.4.1.11.5.7.1.2.def:Type HPOA
1.3.6.1.4.1.29999.1.def:Type    HP Printer
1.3.6.1.4.1.2011.def:Type       HPSimware
1.3.6.1.4.1.11.2.14.11.7.1.2.def:Type   HPSR7102dl
1.3.6.1.4.1.11.2.14.11.7.1.3.def:Type   HPSR7203dl
1.3.6.1.4.1.11.2.3.7.11.50.17.def:Type  HPTMS
1.3.6.1.4.1.25506.1.301.def:Type        HP U200-S
1.3.6.1.4.1.11.5.7.5.1.def:Type HPVC
1.3.6.1.4.1.1588.2.1.1.43.def:Type      HPVC-FC
1.3.6.1.4.1.1588.2.1.1.70.def:Type      HPVC-FCeva
1.3.6.1.4.1.11.5.7.5.4.def:Type HPVCflex10
1.3.6.1.4.1.25506.1.458.def:Type        HPWX3010


12
Discovery / Security reminder: Be sure to configure "netfilter"!
« on: July 09, 2013, 08:34:57 PM »
When Nedi discovers a CDP or LLDP neighbor, it will begin sending all your read-only SNMP strings to it.  If this device is a hacker on your network running CDPd, then the hacker can easily learn these SNMP communities.

Additionally, if the hacker can convince Nedi they are a valid device, then Nedi will also try to backup the device using SSH or Telnet.  This will enable a hacker to get full access to the usernames and passwords to all your devices.

The best protection for this attack is to configure your netfilter (found inside nedi.conf) to strictly match only your devices and never an IP that a user can be assigned.

# Only discover devices where ip address matches this regular expression.
# This way NeDi will not send any login credentials to rogue/evil devices.
netfilter       172.16|172.31

Cheers and be safe!

Tristan

13
I am using "Device Write" and running this command to upgrade my Cisco 2960S switches:

archive download-sw /imageonly tftp://10.10.10.9/cisco/c2960s-universalk9-tar.150-2.SE2.tar

Nedi does successfully upgrade the devices, but the log file is blank.  Can we increase a timer somewhere so that we can see the feedback from the long (7 minute) upgrade?

Cheers!

Tristan

14
Discovery / Changing passwords on devices....
« on: May 15, 2013, 11:02:43 PM »
It is a best practice to periodically change authentication on network devices.  If I change the SNMP or SSH credentials on all my devices, then Nedi will stop being able to contact them, unless I manually delete the devices (and lose information).

Request:
1) If a previously discovered device fails authentication, can we have Nedi try the passwords and communities listed in Nedi.conf?

Thanks!

Tristan

15
Definition Files / 1.3.6.1.4.1.9.1.1227 = WS-C3560G-48PS
« on: May 14, 2013, 10:38:26 PM »
Something is wrong with the def file for 1.3.6.1.4.1.9.1.1227.  Nedi thinks the file is blank, even though it is not.  Permissions seemed to be the same as all other files that work.

My fix was to copy 1.3.6.1.4.1.9.1.1226 to 1.3.6.1.4.1.9.1.1227 and simply change the Device Type to WS-C3560G-48PS

Tristan

Pages: [1] 2 3