Hi,
We have segments behind our WLCs, which our COREs have no ARP info for them (simply because the corresponding VLANs are unnumbered on our COREs).
The same is true for segments which are separated from corporate network using our firewalls. As far as our firewalls (Juniper ScreenOS (SSG)) are concerned, I have written my own scraper and I am adding appropriately formatted records to arptable.txt for the ARP info gathered from my firewalls.
I absolutely need the ARP info gathered from our WLCs in NetDB.
Currently these records are inserted in arptable.txt, but they are not being processed!
For the time being I have implemented a workaround, namely finding the VLAN number from "show arp switch" and adding appropriately formatted records in arptable.txt (only if the "type" is "Client").
The task is not 100% complete yet. There are complications for FlexConnect (H-REAP) situations, and when the WLC interface corresponding to an SSID is untagged (i.e. VLAN-ID 0). I am still working on it.
I have made provisions (by having devices in devicelist.csv in a certain order) so that for normal SSIDs (the ones with numbered VLANs on our COREs), the data gathered from COREs overwrite the records gathered from WLCs, when both devices report the same ARP records.
Is there any future plan in this regard?
In addition I would like to have a report of all devices in a certain SSID. This is not possible at present. One can get a report of all devices in a certain VLAN, but not in a certain SSID. In cases where more than one SSID is running on the same VLAN, the VLAN-based report is not of much use.
Any plan for this?
Any clue as to how I could realize it myself is much appreciated.
Best Regards,
Hossein Badbanchi
We are currently running Aruba and have a completely different setup, but I
will try to do my best to understand this. First, if your ARP entries are
in the arptable.txt file and you manually run an updatenetdb on that file,
it should be imported. You can run the update in full debug mode to see if
those entries are being rejected for any reason, but if they are in the
file and you run an import, they should get imported. You might have an
issue where the entries are getting overwritten or something before the
import is run. Try working manually with the updatenetdb and see how that
goes.
As far as SSID goes, I gather the SSID and vlan as one field under VLAN, so
ssid-vlanid, public-10 for instance. What I need to do is tweak the VLAN
search to accept either a VLAN ID or an SSID name and return the results.
That's kind of broken at the moment but it wouldn't be too much trouble to
fix up. I should have some time tomorrow to look into this further.
Let me know about the site concept in the other email first and we'll work
through some of these issues.
Jonathan
On Sun, May 17, 2015 at 2:28 PM, Hossein Badbanchi hbdbn@users.sf.net
wrote:
Hi,
We have segments behind our WLCs, which our COREs have no ARP info for
them (simply because the corresponding VLANs are unnumbered on our COREs).
The same is true for segments which are separated from corporate network
using our firewalls. As far as our firewalls (Juniper ScreenOS (SSG)) are
concerned, I have written my own scraper and I am adding appropriately
formatted records to arptable.txt for the ARP info gathered from my
firewalls.
I absolutely need the ARP info gathered from our WLCs in NetDB.
Currently these records are inserted in arptable.txt, but they are not
being processed!
For the time being I have implemented a workaround, namely finding the
VLAN number from "show arp switch" and adding appropriately formatted
records in arptable.txt (only if the "type" is "Client").
The task is not 100% complete yet. There are complications for FlexConnect
(H-REAP) situations, and when the WLC interface corresponding to an SSID is
untagged (i.e. VLAN-ID 0). I am still working on it.
I have made provisions (by having devices in devicelist.csv in a certain
order) so that for normal SSIDs (the ones with numbered VLANs on our
COREs), the data gathered from COREs overwrite the records gathered from
WLCs, when both devices report the same ARP records.
Is there any future plan in this regard?
In addition I would like to have a report of all devices in a certain
SSID. This is not possible at present. One can get a report of all devices
in a certain VLAN, but not in a certain SSID. In cases where more than one
SSID is running on the same VLAN, the VLAN-based report is not of much use.
Any plan for this?
Any clue as to how I could realize it myself is much appreciated.
I have modified ciscowlcscraper so that appropriate records are added to arptable.txt, and updatenetdb is importing them (if the same arp record doesn't appear further down the file) in NetDB properly. This is already working for me.
Let's say a client is in SSID1 which is running on a numbered VLAN. Both ciscowlcscraper and (probably) later iosscraper will insert arp info for this client in arptable.txt.
Another different device is in SSID2 which is running on an unnumbered VLAN. In this case only ciscowlcscraper will create a record (in arptable.txt) and iosscraper will not.
Later when updatenetdb is run, it will insert a record for the first device having the CORE in router field, and another record for the second device having the WLC in the router field.
All is OK.
I was wondering why ciscowlcscraper is inserting records in arptable.txt, in a format which is ignored by updatenetdb (sub loadArpTable is checking that the first field is an IP). I thought maybe there are future plans to process these records and insert corresponding records in NetDB. That is why I was asking the question.
Regarding your point that you gather the SSID and vlan as one field under VLAN like ssid-vlanid. You mean this is your future plan? Or maybe this is running in your development environment. Or maybe this is your suggestion/clue as to how I could approach the problem. I didn't understand. Sorry.
Thanks and Best Regards,
Hossein Badbanchi
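A minimal model of the import behaviour described in the post above, added here as an example and not taken from NetDB or its scrapers: lines whose first field is not an IP are skipped, and a later line for the same ARP record replaces an earlier one, so the CORE ends up in the router field when both devices report a client. The `ip,mac,router,vlan` layout, the sample lines and the function names are assumptions; skipped lines are returned with a reason so that dropped records are visible.

```python
import ipaddress

# Constructed sample in a hypothetical "ip,mac,router,vlan" layout; this is
# NOT NetDB's real arptable.txt format. WLC lines first, CORE lines later.
SAMPLE = """\
10.1.10.25,0011.2233.4455,wlc1,10
aabb.ccdd.eeff,10.1.20.31,wlc1,20
10.1.30.40,0011.2233.7788,wlc1,0
10.1.10.25,0011.2233.4455,core1,10
"""

def load_arp_table(text):
    """Return (accepted, rejected).

    accepted: {(ip, mac): record}; a later line with the same key wins.
    rejected: [(line_number, line, reason)] for every skipped line.
    """
    accepted, rejected = {}, []
    for n, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line:
            continue
        fields = [f.strip() for f in line.split(",")]
        if len(fields) != 4:
            rejected.append((n, line, "expected 4 fields"))
            continue
        ip, mac, router, vlan = fields
        try:
            ipaddress.ip_address(ip)  # the "first field is an IP" check
        except ValueError:
            rejected.append((n, line, "first field is not an IP"))
            continue
        accepted[(ip, mac)] = {"ip": ip, "mac": mac, "router": router, "vlan": vlan}
    return accepted, rejected

def router_for(accepted, ip):
    """Routers recorded for an IP after the import (one per MAC seen)."""
    return sorted(r["router"] for (rip, _), r in accepted.items() if rip == ip)

if __name__ == "__main__":
    ok, bad = load_arp_table(SAMPLE)
    for rec in ok.values():
        print(rec)
    for n, line, why in bad:
        print(f"line {n} skipped ({why}): {line}")
```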
Ah ok that all makes sense now. It seems like the ARP table import from the
WLC code is partially implemented. That code is maintained by another
contributor but if you post a partial output of the bad arp table results
here, I can probably fix the bug. Also check for the latest version in the
trunk/ directory under the code browser on this site if you haven't already.
As far as the ssid-vlan format, it's poorly implemented and needs to be
cleaned up using separate fields for vlan and ssid. Not enough development
has been done on the wireless side so some of those searches and such are
broken when it comes to searching ssids or non-numeric vlan-ids. I'll see
if I can work on that.
On Mon, May 18, 2015 at 12:43 PM, Hossein Badbanchi hbdbn@users.sf.net
wrote:
Hi,
I think I could not explain my point clearly.
I have modified ciscowlcscraper so that appropriate records are added
to arptable.txt, and updatenetdb is importing them (if the same arp record
doesn't appear further down the file) in NetDB properly. This is already
working for me.
Let's say a client is in SSID1 which is running on a numbered VLAN. Both
ciscowlcscraper and (probably) later iosscraper will insert arp info for
this client in arptable.txt.
Another different device is in SSID2 which is running on an unnumbered
VLAN. In this case only ciscowlcscraper will create a record (in
arptable.txt) and iosscraper will not.
Later when updatenetdb is run, it will insert a record for the first
device having the CORE in router field, and another record for the second
device having the WLC in the router field.
All is OK.
I was wondering why ciscowlcscraper is inserting records in arptable.txt,
in a format which is ignored by updatenetdb (sub loadArpTable is checking
that the first field is an IP). I thought maybe there are future plans to
process these records and insert corresponding records in NetDB. That is
why I was asking the question.
Regarding your point that you gather the SSID and vlan as one field under
VLAN like ssid-vlanid. You mean this is your future plan? Or maybe this is
running in your development environment. Or maybe this is your
suggestion/clue as to how I could approach the problem. I didn't understand. Sorry.