
Help needed with VMWare Appliance

Help
2013-03-05
2013-03-08
  • Mario Oosters

    Mario Oosters - 2013-03-05

    Hi, I am new to the networking tracking database. It seems to me an interesting project. Therefore I downloaded it and wanted to start configuring. But I hit a brick wall...
    I always get "operation not permitted" in vi when I try to change /etc/netdb.conf
    Apparently because netdbadmin is not owner of this. Changing this I can't, because... what is the superuser password (aka root aka sudo aka...)

    PS: I don't use Unix often and when I do it is FreeBSD, so my Linux skills are kinda lacking...
    PPS: Is there a location where ALL the options are discussed for the devicelist.csv file? I saw some mention of secondary credentials. Because only one username in the netdb.conf file is impossible for us. Depending on switch importance/location, the username/password for the switches is different. There is not one username/password for all switches, nor would I want this... So is there a possibility to mention a username/password for each switch? How does it work?

    Thanks in advance,
    Mario

     
  • Jonathan Yantis

    Jonathan Yantis - 2013-03-05

    Mario,

    You need to sudo vi /etc/netdb.conf in that case as the netdbadmin user. You can do the same for the devicelist.csv file. I'll review the permissions on the VM and see if I can improve the default permissions for the admin user.

    If you have a bunch of different credentials for different groups of switches, that gets slightly complicated. You would need a master /etc/netdb.conf file, and then multiple netdb-group.conf files that contain the different credentials for each group but the same database credentials in each config file.

    Then you should create a shell script that would update your network one group at a time and import the data into the database. For example, this would be for three groups each with their own config file and list of devices.

    #!/bin/sh
    # Update one switch group at a time, each with its own config file and device list.
    netdbctl -conf /etc/netdb-group1.conf -df /opt/netdb/data/devicelist-group1.csv -a -m -ud
    netdbctl -conf /etc/netdb-group2.conf -df /opt/netdb/data/devicelist-group2.csv -a -m -ud
    netdbctl -conf /etc/netdb-group3.conf -df /opt/netdb/data/devicelist-group3.csv -a -m -ud

    Then edit the /etc/crontab, comment out the normal update routine that updates every 15min and run your shell script instead.

    I know that's a little complicated but that's the only way to deal with more than two sets of credentials right now.

    Jonathan

     
  • Mario Oosters

    Mario Oosters - 2013-03-06

    OK, I got past the sudo problem...
    I am a bit embarrassed though. I thought I tried all the passwords with su, sudo or root. But apparently I didn't because sudo just worked with adminchangeme... Sorry for the stupid question.
    Next, I will try your idea later, which seems clear enough, I hope.
    Will keep you posted, had a lot of questions, but I will get my answers by simply trying it tomorrow ...
    Still one BIG question. Is it possible to see for a given MAC address not only its current location, but also its locations on switches in the past, its different IP addresses and even when it had a name change?
    This would be very handy for history statistics, (our server team likes to change roles/names of servers without telling us...)
    Thx for the help so far.

     

    Last edit: Mario Oosters 2013-03-06
  • Mario Oosters

    Mario Oosters - 2013-03-07

    WOOW! Your VMWARE Appliance works much better than I expected. It worked from the first try. I still need to do stuff but for a first try with this project, VERY GOOD.
    Still... I might have found a bug/problem I think.
    We use lots and lots of Cisco VoIP telephones with PCs/thin clients behind them. These devices (PCs/telephones) are now placed in the same VLAN (Voice VLAN). I think you base the assignment of the VLAN on the intstatus.txt file? If so then I can explain the problem. Each telephone (Voice VLAN) has a PC or thin client connected to it (Data VLAN). This gives 2 MAC addresses: 1 in the Voice VLAN and 1 in the Data VLAN. Although this is not defined as a trunk, it is a special kind of trunk (also referred to as a babytrunk). It might be a bit difficult to change this, as I think you miss an essential piece of info (VLAN) in the mactable.txt file compared to the show mac address-table output of a Cisco switch.

    PS: The commands on a Cisco switch that do this:
    interface FastEthernet0/1
     switchport mode access
     switchport voice vlan 101
     switchport access vlan 201

    Thx in advance.

     
  • Jonathan Yantis

    Jonathan Yantis - 2013-03-08

    Mario,

    First of all I'm glad to hear most things are working out of the box, I don't always get a lot of feedback so good to know.

    As for the voice vlan, it is an issue I'm aware of and would like to fix. Essentially I need to record the voice vlan separately for each port and map mac addresses to either the data or the voice vlan while also displaying both vlans. There's a number of issues to consider and I've never come up with a solution I was happy with, so I haven't resolved it yet. I will put it on my list of changes for the next version though and see if I can come up with a solution I'm happy with.

    Other than that, I hope this helps with the management of your network. Let me know if anything else comes up.
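
Added example, not part of the posts above and not NetDB code: one way to do the mapping discussed in this thread, assigning each MAC address on a port to the port's data or voice VLAN by combining the switchport lines with the VLAN column of show mac address-table. The sample config and MAC table are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample data, not captured from a real switch.
RUNNING_CONFIG = """\
interface FastEthernet0/1
 switchport mode access
 switchport voice vlan 101
 switchport access vlan 201
interface FastEthernet0/2
 switchport access vlan 201
"""
MAC_TABLE = """\
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 101    0011.2233.4455    DYNAMIC     Fa0/1
 201    0050.56aa.bbcc    DYNAMIC     Fa0/1
 300    0050.5611.2222    DYNAMIC     Fa0/2
"""
ABBREV = {"Fa": "FastEthernet", "Gi": "GigabitEthernet", "Te": "TenGigabitEthernet"}
MAC_ROW = re.compile(r"\s*(\d+)\s+((?:[0-9a-f]{4}\.){2}[0-9a-f]{4})\s+\S+\s+(\S+)", re.I)

def expand_port(name):
    """Expand 'Fa0/1' to 'FastEthernet0/1'; unknown prefixes are left as-is."""
    m = re.match(r"([A-Za-z]+)(\d.*)$", name)
    return ABBREV.get(m.group(1), m.group(1)) + m.group(2) if m else name

def parse_port_vlans(config):
    """Return {port: {'data': vlan, 'voice': vlan}} from interface stanzas."""
    ports, current = {}, None
    for line in config.splitlines():
        if m := re.match(r"interface (\S+)", line):
            current = ports.setdefault(m.group(1), {})
        elif current is not None and (
                m := re.match(r"\s*switchport (access|voice) vlan (\d+)", line)):
            current["data" if m.group(1) == "access" else "voice"] = int(m.group(2))
    return ports

def classify_macs(mac_table, port_vlans):
    """Return (mac, port, vlan, role) rows; role is data, voice or unknown."""
    rows = []
    for line in mac_table.splitlines():
        m = MAC_ROW.match(line)
        if not m:
            continue  # header or separator line
        vlan, mac, port = int(m.group(1)), m.group(2).lower(), expand_port(m.group(3))
        # Invert the port's {role: vlan} map to look the MAC's VLAN up by number.
        roles = {v: k for k, v in port_vlans.get(port, {}).items()}
        rows.append((mac, port, vlan, roles.get(vlan, "unknown")))
    return rows
```

A row with role "unknown" is a MAC learned on a VLAN the port is not configured for, which is worth reviewing rather than silently filing under the data VLAN.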

     
