Welcome, Guest. Please login or register.

Author Topic: Issues with population on some switches  (Read 2075 times)

sjwk

  • Newbie
  • *
  • Posts: 37
    • View Profile
Issues with population on some switches
« on: April 15, 2010, 01:35:12 PM »
I'm having some issues where some switches are not showing population, although the ports are up.  I've just performed a clean reinstall from 1.0 to 1.0.5, although it's not a version issue as these switches were not cooperating before either.

All switches are Cisco 2960 (edge) or 3750 (core).  Some switches are showing a population count/list, others show nothing for any port, although to the best of my knowledge they are configured identically.  Before the reinstall, the population was showing up on the relevant port of the core 3750 that fed that switch, but that might be left-over from before those switches were replaced with Cisco models a few weeks ago - this was the reason for the reinstall, to clear out all of the data and start from scratch.

Just looking now however, and it appears as though the missing population is now being detected on Po1 on a 2960G that they are not directly connected to (it's the Etherchannel link from the pair of core 3750s, and this 2960 then feeds into the firewall and the Internet).  Am I just being impatient and they will, over time, get detected where they are actually plugged in?  Or is there something else wrong, given that these switches have not detected any population in the past either...?

Looking at the MAC tables via CNA confirms what Nedi is detecting so it must be a switch issue?

Steve.

sjwk

  • Newbie
  • *
  • Posts: 37
    • View Profile
Re: Issues with population on some switches
« Reply #1 on: April 15, 2010, 01:42:02 PM »
Ah.  Have just noticed something.  While looking at the dynamic address list on a switch that isn't showing any population doesn't show any addresses associated with the ports on that switch, looking in the static or secure address lists *does*.  But on a switch that is correctly reporting a population on its ports, the static/secure lists don't show anything but the devices are listed in the dynamic address lists.

Looking more closely, the ports that are set in the static/secure lists are the ones that have had the desktop role applied in order to set it as an access port and enable security (as we don't want students plugging a switch or multiple computers into the sockets in their rooms) 

So, is there a reason why Nedi is only looking at the dynamic address lists?  Is there some option I've missed to make it check the static lists too?

Steve.

sjwk

  • Newbie
  • *
  • Posts: 37
    • View Profile
Re: Issues with population on some switches
« Reply #2 on: April 15, 2010, 01:53:36 PM »
OK, to follow up my own post for benefit of others, having looked through the code now I've understood the cause, it looks as though setting getfwd to 'sec' rather than 'cli' in nedi.conf will make it scan the secure address table too.

Just waiting on the next poll to run to confirm.

Is there any other side effect that this will cause?  And if not, is there any reason it doesn't do it by default?

Cheers,
Steve.

rickli

  • Administrator
  • Hero Member
  • *****
  • Posts: 2780
    • View Profile
    • NeDi
Re: Issues with population on some switches
« Reply #3 on: April 15, 2010, 08:35:38 PM »
Thanks for sharing your experience :)

sec needs more precious discovery time, that's why I decided to support it only, if desired. A common approach on this note is dot1x, which should be supported by dynamic mibs...
Please consider Other-Invoices on your NeDi installation for an annual contribution, tx!
-Remo