I just installed netdb, everything works fine! The only thing I don't understand is why I only get our management vlan (501) in the result set. Is there a possibility to index all of our vlans?
I have the following rules in my devices.csv:
switch01,netdbarp,netdbnomac,forcetelnet
I hope someone can help me with this one!
Thanks in advance.
Gr,
- Thijs
Which device on your network acts as your router? The switches themselves are not aware of the IP addresses, only your router is. You need to get the ARP table off that device in order for the IP addresses to show up for the different VLANs. Hopefully this is a cisco router of some sort.
Jonathan
I tried getting the data from our core routers, I used the following configuration line in my devices.csv:
corerouter01,netdbarp,use_trunks
The response I get when I run the following command: netdbctl -ud -a -m -n -vv (with debugging on) is:
-vv: invalid option
-vv: invalid option
Parsing Devices from Big Brother (optional)
Thu May 6 08:53:51 2010: netdbctl(24316): Running netdbscraper on devices
Thu May 6 08:53:52 2010: netdbctl(24316): P(24319): Spawning 1 processes
Thu May 6 08:53:52 2010: netdbctl(24316): PARENT: Forked 24320 on cr-1-eu
Thu May 6 08:53:52 2010: netdbctl(24316): Debug: Forcing ssh connection on corerouter01
Thu May 6 08:53:52 2010: netdbctl(24316): PID(24320): Connecting to corerouter01 using SSH(1) Telnet()...
Thu May 6 08:53:52 2010: netdbctl(24316): PID(24320): Testing port 22 on corerouter01 for open state
Thu May 6 08:53:52 2010: netdbctl(24316): IP for corerouter01: 172.16.200.3
Thu May 6 08:53:52 2010: netdbctl(24316): PID(24320): corerouter01 SSH port open
Thu May 6 08:54:07 2010: netdbctl(24316): PID(24320): Getting ARP Table on cr-1-eu
Thu May 6 08:54:14 2010: netdbctl(24316): PID(24320): Getting Interface Status on cr-1-eu
Thu May 6 08:54:21 2010: netdbctl(24316): PID(24320): Capturing mac table on cr-1-eu
[b]Thu May 6 08:54:28 2010: netdbctl(24316): PID(24320): |Warning|: No mac-address table data received from cr-1-eu (use -vv for more info)
Thu May 6 08:54:28 2010: netdbctl(24316): DEBUG: Bad mac-table-data:
Thu May 6 08:54:28 2010: netdbctl(24316): Permission denied, please try again.[/b]
Thu May 6 08:54:28 2010: netdbctl(24316): user@corerouter01's password: PID(24320): |LOCK| /opt/netdb/data/newintstatus.txt
Thu May 6 08:54:28 2010: netdbctl(24316): PID(24320): |LOCK| /opt/netdb/data/newarptable.txt
Thu May 6 08:54:28 2010: netdbctl(24316): PARENT: Waiting on final processes to finish
Thu May 6 08:54:28 2010: netdbctl(24316): Importing 1 intstatus entries in to switchstatus table
Thu May 6 08:54:28 2010: netdbctl(24316): DEBUG: Connecting to Database as RW User
Thu May 6 08:54:28 2010: netdbctl(24316): tz: DateTime::TimeZone::Europe::Amsterdam=HASH(0x8f43dd0)
Thu May 6 08:54:28 2010: netdbctl(24316): Debug: DateTime Value: 2010-05-06T08:54:28
Thu May 6 08:54:28 2010: netdbctl(24316): Can't use an undefined value as a HASH reference at /usr/lib/perl5/NetDB.pm line 1338, <SOURCE> line 1.
Thu May 6 08:54:28 2010: netdbctl(24316): Importing 1 MAC entries in to switchports table
Thu May 6 08:54:29 2010: netdbctl(24316): DEBUG: Connecting to Database as RW User
Thu May 6 08:54:29 2010: netdbctl(24316): tz: DateTime::TimeZone::Europe::Amsterdam=HASH(0x8f43e00)
Thu May 6 08:54:29 2010: netdbctl(24316): Debug: DateTime Value: 2010-05-06T08:54:29
Thu May 6 08:54:30 2010: netdbctl(24316): Can't use an undefined value as a HASH reference at /usr/lib/perl5/NetDB.pm line 1454.
Thu May 6 08:54:30 2010: netdbctl(24316): Importing 1 ARP Entries in to ipmac table
Thu May 6 08:54:30 2010: netdbctl(24316): DEBUG: Connecting to Database as RW User
Thu May 6 08:54:30 2010: netdbctl(24316): tz: DateTime::TimeZone::Europe::Amsterdam=HASH(0x8f42cd8)
Thu May 6 08:54:30 2010: netdbctl(24316): Debug: DateTime Value: 2010-05-06T08:54:30
Thu May 6 08:54:31 2010: netdbctl(24316): Can't use an undefined value as a HASH reference at /usr/lib/perl5/NetDB.pm line 1618.
cat: /opt/netdb/data/: Is a directory
Thu May 6 08:54:31 2010: netdbctl(24316): Importing 0 NAC Registration Entries in to nacreg table
Thu May 6 08:54:32 2010: netdbctl(24316): DEBUG: Connecting to Database as RW User
Thu May 6 08:54:32 2010: netdbctl(24316): tz: DateTime::TimeZone::Europe::Amsterdam=HASH(0x8f42a08)
Thu May 6 08:54:32 2010: netdbctl(24316): Debug: DateTime Value: 2010-05-06T08:54:32
Thu May 6 08:54:32 2010: netdbctl(24316): Can't use an undefined value as a HASH reference at /usr/lib/perl5/NetDB.pm line 1831.
Which command does netdb execute for getting the mac-address-table? If I use the auth information in /etc/netdb.conf I can view all the information on my corerouters (cisco CISCO7606 (R7000)).
After this run I still got only one vlan (501) in my database, I would like to have all of them and all of the IP addresses. What is wrong with this setup? Maybe it is the NetDB.pm notification during the netdbctl run or the bold printed part in the code area above?
Thanks in advance!
Gr,
- Thijs
It looks like your problem is related to login issues on your core router. I saw that the username you are using is "user." Is that the username you are connecting with?
Here's the clue, it's stuck at the login prompt:
Thu May 6 08:54:28 2010: netdbctl(24316): Permission denied, please try again.
Thu May 6 08:54:28 2010: netdbctl(24316): user@corerouter01's password:
The script uses both show mac-address-table and show mac address-table, but it's not getting that far. You are using these credentials to test the login, right?
devuser = switch_user
devpass = yourpasswd
I've never heard any feedback on a 7600 before, but plenty of people are using it with 6500s without issue. You could try forcing telnet just to see if that resolves the issue and narrow it down to an SSH issue, but for some reason the login is failing.
Let me know what you find,
Jonathan
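Added example, not part of the original thread or of NetDB: a small Python triage of netdbctl debug output that looks for the symptom pointed out in the reply above, an SSH password prompt and "Permission denied" captured where table data should be. The sample lines are copied from the log posted earlier in the thread (BBCode tags included); the function names and regular expressions are assumptions made for this example.

```python
import re

# Lines copied verbatim from the log posted in this thread.
SAMPLE_LOG = """\
Thu May 6 08:53:52 2010: netdbctl(24316): PID(24320): corerouter01 SSH port open
[b]Thu May 6 08:54:28 2010: netdbctl(24316): PID(24320): |Warning|: No mac-address table data received from cr-1-eu (use -vv for more info)
Thu May 6 08:54:28 2010: netdbctl(24316): DEBUG: Bad mac-table-data:
Thu May 6 08:54:28 2010: netdbctl(24316): Permission denied, please try again.[/b]
Thu May 6 08:54:28 2010: netdbctl(24316): user@corerouter01's password: PID(24320): |LOCK| /opt/netdb/data/newintstatus.txt
Thu May 6 08:54:28 2010: netdbctl(24316): Can't use an undefined value as a HASH reference at /usr/lib/perl5/NetDB.pm line 1338, <SOURCE> line 1.
"""

# Timestamp/program prefix, tolerating a stray BBCode [b] in front of it.
PREFIX = re.compile(r"^(?:\[b\])?\w{3} \w{3} +\d+ [\d:]+ \d{4}: netdbctl\(\d+\): ")
PROMPT = re.compile(r"(\S+)@(\S+)'s password:")  # ssh prompt leaked into output
DENIED = re.compile(r"Permission denied")
EMPTY = re.compile(r"\|Warning\|: No (.+?) data received from (\S+)")
PERL = re.compile(r"Can't use an undefined value .*NetDB\.pm line (\d+)")

def triage(log_text):
    """Collect the symptoms of one netdbctl run, keyed by kind."""
    out = {"denied": 0, "prompts": set(), "empty": [], "perl_lines": []}
    for raw in log_text.splitlines():
        msg = PREFIX.sub("", raw)
        if DENIED.search(msg):
            out["denied"] += 1
        m = PROMPT.search(msg)
        if m:
            out["prompts"].add((m.group(1), m.group(2)))  # (user, host)
        m = EMPTY.search(msg)
        if m:
            out["empty"].append((m.group(2), m.group(1)))  # (device, table)
        m = PERL.search(msg)
        if m:
            out["perl_lines"].append(int(m.group(1)))
    return out

def verdict(t):
    """Authentication symptoms outrank empty-table warnings."""
    if t["denied"] or t["prompts"]:
        who = ", ".join(f"{u}@{h}" for u, h in sorted(t["prompts"])) or "unknown"
        return f"login failed for {who}: the scrape never reached the show commands"
    if t["empty"]:
        return "logged in, but a table came back empty: check the show commands"
    return "no scrape problem found"

if __name__ == "__main__":
    print(verdict(triage(SAMPLE_LOG)))
```
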
I think I found our problem, we use a Cisco FWSM (firewall) module on the corerouters as our gateway to the internet. I tried to index this Cisco IOS with NetDB but it doesn't return any vlans, is the following version supported?
FWSM Firewall Version 3.2(13) <context>
We also have some vlans defined on our core routers and these vlans were inserted successfully with the underlying hosts, it was a security issue like you suggested! :)
I can give some commands and the output of them if you would like to support the FWSM module of cisco in your NetDB package?
In the meanwhile is it possible to index all of our vlans based on the spanning-tree protocol on our coreswitches?
Thanks for the support so far! :) NetDB is a really cool administration/index tool…
Gr,
- Thijs
We're using some FWSMs here, but not for routing any vlans specifically. I should be able to get it working though. Can you send me a snippet of your ARP table that shows the corresponding vlans off of the FWSM? You can send it to yantisj@gmail.com and obfuscate it if you want. Also, is there anything in the arptable.txt file that is from the FWSM, does it actually manage to login to your firewall? The VLANs won't be there, but I was wondering if it's capturing any ARP data. I know it's working with ASAs but I haven't tested the FWSM specifically.
Thanks,
Jonathan
Hi Jonathan,
I just sent you an email with all the information requested! :)
Gr,
- Thijs