Welcome, Guest. Please login or register.

Author Topic: NeDi 1.0.8 Progress  (Read 63929 times)

rickli

  • Administrator
  • Hero Member
  • *****
  • Posts: 2509
    • View Profile
    • NeDi
Re: NeDi 1.0.8 Progress
« Reply #30 on: March 09, 2012, 08:29:41 PM »
Indeed I've been thinking about this as well (I know, I've come up with this line a lot, but then again lots of thoughts cross my mind). It shouldn't be to hard to add a OS based list, with strings to match and mails being sent. Any things in particular, the community would be looking for?
Please consider Other-Invoices on your NeDi installation for an annual contribution, tx!
-Remo

swepart

  • Newbie
  • *
  • Posts: 11
    • View Profile
Re: NeDi 1.0.8 Progress
« Reply #31 on: April 01, 2012, 02:09:53 AM »
Suggestions

- Identify 802.1x ports in "Device Status View"
  More and more networks is using 802.1x for security but still there is need for some ports to be open,  it would be very helpful to easily  view and monitor what ports are "open state"
 
- Check ports as "monitored" or "not monitored"
Sometimes you don't want to monitor a certain port, the reasons could be several.

- Support for external pollers.
When monitoring large networks and

This is a biggy :) and probably not doable

- From the "device list"  placing objects on a map :)..  system will then automatically make/draw  the connections
- In a map,  change the positions of a object and make it more viewable (I know the map is dynamic and updated each time u use it,, so I can see the challenge in this)


Right now,,  monitoring ~2000 devices with ~3700 modules,  ~140K interfaces
Rg
Håkan Sjöberg

« Last Edit: April 01, 2012, 01:48:02 PM by swepart »

raider82

  • Jr. Member
  • **
  • Posts: 91
    • View Profile
Re: NeDi 1.0.8 Progress
« Reply #32 on: April 02, 2012, 08:39:32 AM »
First of all - thanks for 1.0.7; I am making great progress with this version.
Code: [Select]
mysql> select count(*) from devices;
+----------+
| count(*) |
+----------+
|    10302 |
+----------+
1 row in set (0.00 sec)

mysql> select count(*) from nodes;
+----------+
| count(*) |
+----------+
|   195398 |
+----------+
1 row in set (0.00 sec)
This is only switches, controllers and Access Points, no phones, voice gateways, etc.

With those numbers, I tend to say: mass changes would be very helpful for me. Maybe some stuff is already in 1.0.7 and I just did not know:
  • mass deletion (per name or last seen date)
  • a config generator
  • a web-based seedlist editor for other users
A question that I guess is solved in 1.0.7 - does NeDi store the nodes DNS names?
Currently I only discover once a day, but I would like to resolve node DNS names only at night and therefore speed up discovery within working hours.
How many threads can I run in parallel? Currently, I am working with 3, but it already takes too long with DNS lookups to finish them in office hours.
« Last Edit: April 02, 2012, 08:41:11 AM by raider82 »

acoto

  • Newbie
  • *
  • Posts: 35
    • View Profile
    • NeDi2GraphML
Re: NeDi 1.0.8 Progress
« Reply #33 on: April 03, 2012, 12:56:52 AM »
Hello Håkan,

About your map request, I´m not sure if I clearly understand your objective, but there are some interesting things that can be done in yEd (once you have your schematic in GraphML)

I found out that Tools --> Select Elements very powerful.

For instance, you can select an interesting node, then Tools -->Select Elements, then:

  General Tab
    Check only "Select Inverse" option

  Nodes Tab
    Check "Use This Criteria"
    Criteria: "Neighbors of Selected Nodes"
    Maximal Path Distance: 1 (or 2.. or 3...)
 
  Edges Tab
    Uncheck "Use this Criteria"

  Bends Tab
    Uncheck "Use this Criteria"

Click OK.

At this point you should have selected: the interesting node, and all nodes which are 2 or more hops  away.

Now, press Shift and click over the interesting node to unselect it, then press Delete.

Result:

A simplified schematic containing only the selected node (or nodes) and 1 hop (or 2.. or 3... if you changed Maximal Path Distance) neighbors

Regards,

Adrian


Adrian drinks costarrican beer.

raider82

  • Jr. Member
  • **
  • Posts: 91
    • View Profile
Re: NeDi 1.0.8 Progress
« Reply #34 on: April 12, 2012, 09:27:51 AM »
Another thing that might be interesting for 1.0.8.
Currently, the hostname is used to identify a device. Nevertheless, this is not always correct - e.g. with primary and secondary firewalls.

rickli

  • Administrator
  • Hero Member
  • *****
  • Posts: 2509
    • View Profile
    • NeDi
Re: NeDi 1.0.8 Progress
« Reply #35 on: April 12, 2012, 09:06:15 PM »
Yes, the SNMP sysname is used as primary key. What would you change? BTW, I wouldn't worry about DNS too much. It takes very long on the first discovery, when all nodes are being resolved. Subsequent discoveries only resolve, if a MAC-IP change is detected or the last ipupdate was longer ago than retire days (which means 30 days at default). Therefore be aware that 30 days after the first discovery, it might take a little longer too....
Please consider Other-Invoices on your NeDi installation for an annual contribution, tx!
-Remo

raider82

  • Jr. Member
  • **
  • Posts: 91
    • View Profile
Re: NeDi 1.0.8 Progress
« Reply #36 on: April 13, 2012, 09:55:08 AM »
Yes, the SNMP sysname is used as primary key. What would you change?
Maybe the prompt or the serial? As mentioned: all secondary firewalls are currently missing in my installation. And renaming leads to duplicate entries (saw this today with leightweight APs).

BTW, I wouldn't worry about DNS too much. It takes very long on the first discovery, when all nodes are being resolved. Subsequent discoveries only resolve, if a MAC-IP change is detected or the last ipupdate was longer ago than retire days (which means 30 days at default). Therefore be aware that 30 days after the first discovery, it might take a little longer too....
Ok, I have set it down to 14 while testing with 1.0.6. Maybe I should increase it again. Another question: can this be the source for the graph issue? Every 2nd week, all data comes in later?

Another idea: Any option to include functionality which:
- compares seedlists to the devices table (can't report on failed discoveries at the moment) with a report that shows missing devices?
- deletes devices that were removed from the seedlists (maybe with a threshold)?

And one more idea ;-)
- what about an error log in the database, e.g. for any command that did not run? Just found a switch that needs CISCO-OLD although the IOS version is > 12.1 (it requires show mac-address-table instead of show mac address-table); I found this by accident since I was searching for a specific node that appeared on the uplink
« Last Edit: April 23, 2012, 02:31:58 PM by raider82 »

redpineapple

  • Jr. Member
  • **
  • Posts: 53
    • View Profile
Re: NeDi 1.0.8 Progress
« Reply #37 on: May 01, 2012, 07:51:03 AM »
I would like to suggest a dedicated database poller.  The scheme is:
Description - time period (configurable)
-------------------------------------------------
High      - 5 minutes
Medium - 20 minutes
Normal  - 1 hour
Low      - 1 day
The poller looks at the database and polls the device using the above scheme.  Let us assume the devices file has a new column named polling, then every hour the following would be done as an example: ./nedi.pl -A 'polling regexp "normal"'
Let us assume the devices file also has another column named disco.  The default for the field is 0 and it is marked as 1 if the device is going to be used as a discovery node.  Once a day the following would then be done as an example: ./nedi.pl -p -A 'disco !regexp 0'

rickli

  • Administrator
  • Hero Member
  • *****
  • Posts: 2509
    • View Profile
    • NeDi
Re: NeDi 1.0.8 Progress
« Reply #38 on: May 10, 2012, 11:30:44 PM »
raider:
- did you check events for "not discoverable" info? You can click on the radar icon, to filter on discovery related events as well...
- device-list sort by last discove. Then you'd need to manually delete devices via device-status. Do you need to do this a lot?
- Errors on getting configs are caugt...will check with forwarding (and ARP for ASAs)

redpineapple:
This sounds like a major redesign. Variable RRDs and highly scalable discovery. Maybe some day, but not on my priority list right now...
Please consider Other-Invoices on your NeDi installation for an annual contribution, tx!
-Remo

raider82

  • Jr. Member
  • **
  • Posts: 91
    • View Profile
Re: NeDi 1.0.8 Progress
« Reply #39 on: May 16, 2012, 02:30:52 PM »
raider:
- did you check events for "not discoverable" info? You can click on the radar icon, to filter on discovery related events as well...
Looks good. I will check this.

- device-list sort by last discove. Then you'd need to manually delete devices via device-status. Do you need to do this a lot?
Yes. With a few hundred locations ... I would prefer using existing interfaces to other tools. With an existing seedlist, automated deletion would be perfect.
[/quote]

swepart

  • Newbie
  • *
  • Posts: 11
    • View Profile
Re: NeDi 1.0.8 Progress
« Reply #40 on: May 23, 2012, 12:01:24 AM »
As you mentioned at the webb

"Threaded discovery is more  complex than expected, especially with perl on OpenBSD
not supporting threads out of the box!"

Maybe its time to look into some other distro,, 

To me,, and I am a rookie in this field,  it looks like Centos is highly respected ServerOS.
Idont know if Centos is better supporting threads,  but as it is a "cousin" to RH it might be more
matured than Ubuntu ( u had a video how to install on Ubuntu,  thats why I mention it)

just a thought,,

right now having around ~2500 devices,  ~3500 modules,  ~165 000 interfaces,  113 450 Vlans   :)

The system feels a little sluggish with this volumes :)

/Swepart

pc_sg

  • Full Member
  • ***
  • Posts: 245
    • View Profile
Re: NeDi 1.0.8 Progress
« Reply #41 on: May 23, 2012, 08:27:14 AM »
Consider also Debian, that is very stable (more then Ubuntu), very well supported, and have a small Server distribution.
In this case Ubuntu is a mercy, because all Ubuntu programs runs well on Debian (from which Ubuntu is a derivative)

Only my two cents...

Paolo

eviltrooper

  • Newbie
  • *
  • Posts: 45
    • View Profile
Re: NeDi 1.0.8 Progress
« Reply #42 on: May 23, 2012, 02:36:16 PM »
is it possible to change the Alias and or the speed duplex setting with SNMP WRITE Community string?

acoto

  • Newbie
  • *
  • Posts: 35
    • View Profile
    • NeDi2GraphML
Re: NeDi 1.0.8 Progress
« Reply #43 on: May 23, 2012, 06:39:12 PM »
I think Arch Linux makes a good fit too. The base install is lightweight, and very easy to customize.

It also may be a good time to switch to MariaDB.

Adrian


Adrian drinks costarrican beer.

pluto01

  • Newbie
  • *
  • Posts: 8
    • View Profile
Re: NeDi 1.0.8 Progress
« Reply #44 on: May 24, 2012, 05:40:44 PM »
Yes, the SNMP sysname is used as primary key. What would you change?

I have noticed previously that if we have a switch, SWITCH1, and we replace that with a new switch (possibly with a new management IP) which we also call SWITCH1, then nedi will not be able to discover the new switch until I go in and delete the old SWITCH1 from devices. It will simply keep the old entry in there and the 'last discovered' will tick further and further back forever.

Does using sysname as the primary key cause this?

I would think something like serial number might make more sense as that should be guaranteed to be unique. If I replace a switch, it would be nice for the nedi entry to update automatically with the new device/IP information.

B