We are a strictly Cisco Enterprise Network, originally they (the nodes) were correctly discovered, something I applied to Filter out
Phones, APs etc., seems to have halted updating Node Locations, when I look with a -v It's almost like nedi never examines the
arp table of a switch --
////////////////////
[root@ccnetmon03v nedi]# ./nedi.pl -a 10.101.10.100 -v
...
Arp (SNMP) ------------------------------------------------------------------
SNMP:Connect 10.101.10.100 strike2 v2 Tout:2s MaxMS:1472
ARPS:001fc90f6a7e=10.101.10.175 on Vl254 vl254
ARPS:c471feae57fe=10.101.10.190 on Vl254 vl254
ARPS:e8b748c4797e=10.101.10.100 on Vl254 vl254
ARPS:9cafca684bc1=10.101.10.171 on Vl254 vl254
ARPS:001fc90faf7e=10.101.10.196 on Vl254 vl254
ARPS:00000c07ac00=10.101.10.1 on Vl254 vl254
ARPS:b0c69a777e00=10.101.10.225 on Vl254 vl254
ARPS:00211b01b4fe=10.101.10.183 on Vl254 vl254
ARPS:9cafcae413fe=10.101.10.118 on Vl254 vl254
ARPS:001d71736ec0=10.101.10.2 on Vl254 vl254
ARPS:b0c69a752900=10.101.10.224 on Vl254 vl254
ARPS:00211b004f7e=10.101.10.192 on Vl254 vl254
ARPS:12 ARP entries found
WDEV:SNH-DC-C3750X-100 written to nedi.devices
WIF :176 interfaces written to nedi.interfaces
WMOD:19 modules written to nedi.modules
WVLN:25 vlans written to nedi.vlans
WNET:1 networks written to nedi.networks
WLNK:3 (ignoring 0 static) links written to nedi.links
DISC:ToDo/Done-Time = 0/1-3s
===============================================================================
///////////////////
the Node portion of my nedi.conf
.......
#============================================================================
# Nodes Related
#============================================================================
# Read MAC address tables from switches:
# dyn = Dynamic forwarding on supported devices
# sec = Read Port Security entries in addition
# snmp = Use SNMP only (will be used as fallback as well)
getfwd dyn
# A regular expression matching the vlanids which should not be checked for nodes.
# If you are unsure leave the default ^100[0-5]$
ignoredvlans ^10[01][0-9]$
# Ignore special MAC addresses
# HSRP 00-00-0c-07-ac-{HSRP group number (0 to 255)}
# VRRP (RFC 2338) 00-00-5e-00-01-{VRID}
# Microsoft WLBS 02bf-{last four octets are IP address}
# Ethernet broadcast ffffffffffff
ignoredmacs ^(0000c07ac|00005e0001|02bf|[f]{12})
# regular expression matching the vlids where independant vlan learning is desired.
# This can be very useful, when the same MAC address appears in different vlans.
# Since MAC and vlanid will be used as primary key, the Router needs to return
# the vlanid in its ARP table or IP resolution will fail!
;useivl ^2[012]0$
# Remove nodes (force IP, DNS and IF update) if inactive longer than this many days
retire 365
# Uncomment and specify path, if you want to use arpwatch for address resolution
# Use wildcard, if you want to use several files (e.g. in case of several vlans/IF)
;arpwatch /var/arpwatch/arp*
# ARP entries per IP to detect poisoning on routers
arppoison 2
# MACs per interface threshold to detect switch flooding
macflood 50
#============================================================================
.....