Welcome, Guest. Please login or register.

Recent Posts

Pages: [1] 2 3 ... 10
1
Discovery / Re: Identify where "rogue" switches are connected to
« Last post by Hannu Liljemark on December 13, 2017, 02:32:14 PM »
We run the cleaning script once a week every Saturday, but the network is rather small (<50 MB database).
2
Discovery / Re: Identify where "rogue" switches are connected to
« Last post by pc_sg on December 13, 2017, 02:23:47 PM »
Yes and no.
Not exactly...
No and yes!


After the database cleaning the nodes report showed on some switched and port a abnormal number of nodes seen (max was 190 on a sigle port!).


After some time (now apprx 4 hours later, so more then 16 discoveries, one on every 15 minutes) the same report shows much, much less nodes/port, and a reasonable amount of nodes per port and per device.


If this is true and stable, should be reliable enough to detect where "rogue" switches are connected to.


Thanks a lot for your adivice!

(Once more: how often is fine to run the cleaning script using crontab?  ;) [size=78%])[/size]

3
Discovery / Re: Identify where "rogue" switches are connected to
« Last post by Hannu Liljemark on December 13, 2017, 02:07:17 PM »
We've just ignored the error regarding missing "RELOAD" permissions as it didn't seem important, but I think I have not seen this "RESET MASTER" error.

Now that the nodes table is clean from old legacy, do you see if it helped with the original mac address # per port issue at all? :)
4
Discovery / Re: Identify where "rogue" switches are connected to
« Last post by pc_sg on December 13, 2017, 10:30:08 AM »
Thanks!
I saw the strange "root instead of nedi.conf dbuser" access mod in the distributed file. If I don't remove the root part in fron of the relevant line it give errors.


But even modified, it shows some other errors.
    "ERROR 1227 (42000) at line 2: Access denied; you need (at least one of) the RELOAD privilege(s) for this operation"
so a gave all rights to "nedi" db user.


Then
    "ERROR 1186 (HY000) at line 3: Binlog closed, cannot RESET MASTER"


 and then


    "nedi.chat       optimize        note    Table does not support optimize, doing recreate + analyze instead"
but next
    "nedi.chat       optimize        status  OK
and the same for all the other tables


Then no messages like a "done", it remains like hanged until I press enter...


Anyway nodes table now seems cleaned.


Other advices?


Thanks again!
5
Discovery / Re: Identify where "rogue" switches are connected to
« Last post by Hannu Liljemark on December 13, 2017, 09:39:50 AM »
The 1.6 html/log/Readme.txt has the following tip if you can't update via web interface:

> "nedi.pl -i updatedb" updates the DB from 1.5.225

So you can just backup nedi.conf and seedlist, then untar the tgz contents over your old files, maybe move new nedi.conf and seedlist to somewhere else and then restore the production nedi.conf and seedlist. Finally diff the old and new nedi.conf to see what has changed and then do the updatedb thing to update the database.

I've now switched to contrib/nedi_db_maintenance.sh and it seems to work ok once you modify the dbpass logic (use the stuff that's commented out, which grabs the dbpass from nedi.conf) and remove mysql's --ssl parameter if it doesn't work (or fix mysql to make it work). I think it's safer to use the script that comes with the same Nedi version as table names might have changed. The http://forum.nedi.ch/index.php?topic=1446.0 script was also pretty good with 1.5.225 and I think it also cleaned up the rrd files, where as nedi_db_maintenance.sh only does DB maintenance as its name implies.

Br,
Hannu
6
Discovery / Re: Identify where "rogue" switches are connected to
« Last post by pc_sg on December 13, 2017, 08:52:21 AM »
Indeed I used the one in "contrib".


The "production" NeDi is still the 1.5.225, I had always trouble doing an upgrade through NeDi web interface, and doing it manually always need a database rebuild, so all history lossing.
Maybe the script in this release is not the latest one?
Should I use the one in 1.6 ? Is it compatible?
7
Discovery / Multiple CDP neighbors on a single port
« Last post by ruehlb on December 11, 2017, 04:21:20 PM »
We have a single switch port that goes into a 3rd paryt MPLS cloud that then has several remote switches connected to it. Do to this, it will show multiple CDP neighbor devices on that one port since we don't manage the equipment in the middle. What I have noticed is that Nedi will discover one if the devices but then ignore the rest. This is what shows up in the debug:

DIPR:440406016.9371653 on Et9/2
CDP :Switch1,Fa0/0/0 10.10.10.1 on Et9/2
DIPR:440406016.7077895 on Et9/2
CDP :Ignoring duplicate neighbor Switch2 (set MACflood threshold to allow)
DIPR:440406016.6291462 on Et9/2
CDP :Ignoring duplicate neighbor Switch3 (set MACflood threshold to allow)
DIPR:440406016.12320770 on Et9/2
CDP :Ignoring duplicate neighbor Switch4 (set MACflood threshold to allow)
DIPR:440406016.5767172 on Et9/2
CDP :Ignoring duplicate neighbor Switch5 (set MACflood threshold to allow)
DIPR:440406016.720897 on Et9/2
CDP :Ignoring duplicate neighbor Switch6 (set MACflood threshold to allow)
DIPR:440406016.13828099 on Et9/2
CDP :Ignoring duplicate neighbor Switch7 (set MACflood threshold to allow)

I have a MAC flood threshold set but is there something specific that it needs to be set to in order for this to be allowed?

Thanks
8
Definition Files / Cisco Catalyst 3650 stack def
« Last post by Hannu Liljemark on December 11, 2017, 09:04:08 AM »
Cisco Catalyst Cat3650 Stack 1.3.6.1.4.1.9.1.2066

For now it's a copy of 1.3.6.1.4.1.9.1.1745.def.
9
Discovery / Re: Identify where "rogue" switches are connected to
« Last post by Hannu Liljemark on December 07, 2017, 09:31:29 AM »
Looks like we're still using the script from this thread:

http://forum.nedi.ch/index.php?topic=1446.0

I need to look into implementing the current contrib/nedi_db_maintenance.sh :)
10
Discovery / Re: Identify where "rogue" switches are connected to
« Last post by pc_sg on December 06, 2017, 04:08:47 PM »
Quick brief reply: never done a maintenance. Tested right now, some problem with authentication (root, nedi uses a nedi.conf use and password) and then another possible error "ERROR 1186 (HY000) at line 3: Binlog closed, cannot RESET MASTER".


I'll do a look to your advices, maybe from next monday (we have a short vacation starting this evening  :)  ) the I'll report here.

Thanks a lot!


Pages: [1] 2 3 ... 10