When you create a user on the Dell switch, if you give the user level 15 access, you start in enable mode (i.e. there's no need to enter enable mode to enter these commands if the user is at level 15).
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hey, that looks pretty easy to pull off. I'm super busy at the moment but within a couple weeks I should be able to give it a shot.
I also need the port status information though. In the cisco world it's show int status to get the port up/down status, description, speed and duplex. At the very least I need a full list of ports and their up/down status, I'm sure a command exists along those lines.
After that I'll do my best to write the scraper and let you test it for me. Should be relatively easy once I get the status information.
Jonathan
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Here's the command and resulting output from the Dell switch:
console# show interfaces status
Flow Link Back Mdix
Port Type Duplex Speed Neg ctrl State Pressure Mode
----- -------- ---- --- ----- --- ------- ----- -----
g1 1G-Copper - - - - Down - -
g2 1G-Copper - - - - Down - -
g3 1G-Copper - - - - Down - -
g4 1G-Copper - - - - Down - -
g5 1G-Copper - - - - Down - -
g6 1G-Copper - - - - Down - -
g7 1G-Copper - - - - Down - -
g8 1G-Copper - - - - Down - -
g9 1G-Copper Full 100 Disabled Off Up Disabled On
g10 1G-Copper Full 100 Disabled Off Up Disabled On
g11 1G-Copper - - - - Down - -
g12 1G-Copper - - - - Down - -
g13 1G-Copper Full 1000 Disabled Off Up Disabled Off
g14 1G-Copper - - - - Down - -
g15 1G-Copper - - - - Down - -
g16 1G-Copper - - - - Down - -
g17 1G-Copper Full 1000 Disabled Off Up Disabled On
g18 1G-Copper Full 1000 Disabled Off Up Disabled On
g19 1G-Copper - - - - Down - -
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Sorry I forgot about this scraper but I'll try to complete it next week. Couple more questions though, do all Powerconnects support SSHv2? I would like to avoid telnet support if possible. Also, do you know any other port formats other than the simple (g1 - g16). I wonder about chassis switches, 10gig, 100meg etc if I could find those port formats, it would make the scraper a lot better.
Other than that it looks pretty strait forward.
Jonathan
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
We only have two of these, they both support SSHv2. Also, they both have 1G-Copper ports. I know they make switches with 10 Gig ports, but we don't have any here.
I managed to find this on the internet for an ethernet port:
1/e1 100M-Copper Enabled Off Up Disabled Off
but then I also saw this in the same document:
1/e1 1g-combo-c Full 1000 Auto On Enable Auto Up
whereas my switch would use gx for the same thing.
I've also seen:
1/xg1 10G for a 10GigE port
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I'm going to try and get back on this. I ran in to an issue with the port-names I need to resolve before I can get any farther. Just been really busy lately, I'll try again.
Jonathan
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I finally had a quiet morning to give this a shot. Try grabbing the dellscraper.pl from the repository, place it in the /opt/netdb/netdbscraper folder and run it in full debug mode and let me know how it goes. Looks like we need another command to grab descriptions, but hopefully the rest works. If not post back part of the debug if some data is not populated in to the correct fields or there are problems.
Check the files and see how they look, chances are there will be a glitch that needs fixing since I can't test it locally. The debug should help with that.
Jonathan
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Thanks for catching the login glitch. The reason you see 172 everywhere is because you are using the IP address instead of the hostname in the -d switch option, if you use the switch's hostname there that will fix it. If your switch isn't in DNS you can add an /etc/hosts entry for it and get around it that way.
The other problem I see is with the ch1 - ch8 interface in show in status. Could you get me the output for those interfaces from the show int status command? Instead of connected,notconnect they just show up as Not.
After that I think we'll be good to go.
Jonathan
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
One other question I had. These Dell switches are daisy-chained together on access ports. I have host A that connects to switch-1, which connects to switch-2, which connects to switch-3. If I do a switch report for each switch, host A appears on all 3. If I query the mac address of host A, it appears only on switch-3. Is this expected behaviour? The host connects directly to switch-1, but I couldn't scan switch-1 before since it was a Dell switch. I assumed that after I could scan the Dell switch the host would appear on switch-1 in netdb, but that doesn't appear to be the case.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I'll tweak the script and upload all the changes so far in a minute.
The problem is everything is on one VLAN and there's no detection of the uplink ports going on. If we could figure out what a trunk port would look like that would help others down the road. For right now the easiest way around the issue is to add ,skip_port=gi16 or whatever to your switch link is to the devicelist.csv file and it should filter out those ports.
One other question I had. These Dell switches are daisy-chained together on access ports. I have host A that connects to switch-1, which connects to switch-2, which connects to switch-3. If I do a switch report for each switch, host A appears on all 3. If I query the mac address of host A, it appears only on switch-3. Is this expected behaviour? The host connects directly to switch-1, but I couldn't scan switch-1 before since it was a Dell switch. I assumed that after I could scan the Dell switch the host would appear on switch-1 in netdb, but that doesn't appear to be the case.
Adding skip_port seems to have done the trick. I now see the host on the correct switch. There's a lot of old entries still there for the skipped ports, but I guess I need to wait for those to age out.
Thanks again.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Great, if you want you can drop those ports from the database or just let them age out:
Backup the database:
netdbctl -bu /opt/netdb/data/backup.sql
Drop the data from those ports (you could use the netdbadmin SQL credentials if you don't know the root password):
mysql -u root -p
use netdb;
delete from switchports where switch='switch1' and port='g16';
Jonathan
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I have a Dell Powerconnect switch I'd like to include in netdb. I've got the following:
To turn off paging: 'terminal datadump'
To show the mac address table: 'show bridge address-table'
The mac address table looks like this:
Vlan Mac Address Port Type
----- -------------- ---- -------
1 00:18:8b:6a:1f:15 g21 dynamic
1 00:1d:45:84:5a:80 g20 dynamic
1 00:1e:67:08:e2:e4 g20 dynamic
1 00:1e:67:2e:b3:30 g20 dynamic
1 00:1e:67:2e:b3:c8 g20 dynamic
1 00:1e:c9:3a:02:2e g20 dynamic
1 00:21:9b:a3:70:60 g13 dynamic
1 00:e0:ed:12:00:60 g20 dynamic
1 00:e0:ed:18:96:77 g21 dynamic
1 00:e0:ed:1a:02:49 g21 dynamic
1 5c:26:0a:94:d9:0e g21 dynamic
1 5c:26:0a:94:d9:0f g22 dynamic
When you create a user on the Dell switch, if you give the user level 15 access, you start in enable mode (i.e. there's no need to enter enable mode to enter these commands if the user is at level 15).
Hey, that looks pretty easy to pull off. I'm super busy at the moment but within a couple weeks I should be able to give it a shot.
I also need the port status information though. In the cisco world it's show int status to get the port up/down status, description, speed and duplex. At the very least I need a full list of ports and their up/down status, I'm sure a command exists along those lines.
After that I'll do my best to write the scraper and let you test it for me. Should be relatively easy once I get the status information.
Jonathan
Here's the command and resulting output from the Dell switch:
console# show interfaces status
Flow Link Back Mdix
Port Type Duplex Speed Neg ctrl State Pressure Mode
----- -------- ---- --- ----- --- ------- ----- -----
g1 1G-Copper - - - - Down - -
g2 1G-Copper - - - - Down - -
g3 1G-Copper - - - - Down - -
g4 1G-Copper - - - - Down - -
g5 1G-Copper - - - - Down - -
g6 1G-Copper - - - - Down - -
g7 1G-Copper - - - - Down - -
g8 1G-Copper - - - - Down - -
g9 1G-Copper Full 100 Disabled Off Up Disabled On
g10 1G-Copper Full 100 Disabled Off Up Disabled On
g11 1G-Copper - - - - Down - -
g12 1G-Copper - - - - Down - -
g13 1G-Copper Full 1000 Disabled Off Up Disabled Off
g14 1G-Copper - - - - Down - -
g15 1G-Copper - - - - Down - -
g16 1G-Copper - - - - Down - -
g17 1G-Copper Full 1000 Disabled Off Up Disabled On
g18 1G-Copper Full 1000 Disabled Off Up Disabled On
g19 1G-Copper - - - - Down - -
Hi Jonathan:
I was wondering if you needed any more information from me to create this Dell scraper?
Doug,
Sorry I forgot about this scraper but I'll try to complete it next week. Couple more questions though, do all Powerconnects support SSHv2? I would like to avoid telnet support if possible. Also, do you know any other port formats other than the simple (g1 - g16). I wonder about chassis switches, 10gig, 100meg etc if I could find those port formats, it would make the scraper a lot better.
Other than that it looks pretty strait forward.
Jonathan
We only have two of these, they both support SSHv2. Also, they both have 1G-Copper ports. I know they make switches with 10 Gig ports, but we don't have any here.
I managed to find this on the internet for an ethernet port:
1/e1 100M-Copper Enabled Off Up Disabled Off
but then I also saw this in the same document:
1/e1 1g-combo-c Full 1000 Auto On Enable Auto Up
whereas my switch would use gx for the same thing.
I've also seen:
1/xg1 10G for a 10GigE port
Thanks Doug, that helps to make it a little more useful. I'll get back to you next week.
Jonathan
Doug,
Haven't forgotten about this but I've been really busy last couple weeks. I'm going to try again this week.
Doug,
I'm going to try and get back on this. I ran in to an issue with the port-names I need to resolve before I can get any farther. Just been really busy lately, I'll try again.
Jonathan
No problem. Thanks for your continuing effort.
Doug,
I finally had a quiet morning to give this a shot. Try grabbing the dellscraper.pl from the repository, place it in the /opt/netdb/netdbscraper folder and run it in full debug mode and let me know how it goes. Looks like we need another command to grab descriptions, but hopefully the rest works. If not post back part of the debug if some data is not populated in to the correct fields or there are problems.
https://sourceforge.net/p/netdbtracking/code/HEAD/tree/trunk/netdbscraper/
./dellscraper.pl -d switch.domain.com -om mac.txt -oi int.txt -debug 5
Check the files and see how they look, chances are there will be a glitch that needs fixing since I can't test it locally. The debug should help with that.
Jonathan
I just tried this. It doesn't seem to be sending the user configured in /etc/netdb.conf. Here's the log:
[root@netdb netdbscraper]# ./dellscraper.pl -d 172.21.150.248 -om mac.txt -oi int.txt -debug 5
Helper Debug: Loading Alternate Config File: /etc/netdb.conf
Device: 172, fqdn: 172.21.150.248, mac: 1, arp: , vrfs: , ipv6: , devtype:
dellscraper.pl(19422): Connecting to device 172.21.150.248
Host Prompt to wait for: 172#
SSH: Logging in to 172.21.150.248 (timeout: 10)
dellscraper.pl(19422): |ERROR|: Could not open SSH session to 172.21.150.248: SSHAuthenticationError Login timed out. The input stream currently has the contents bellow:
User Name: at /usr/local/share/perl5/Expect.pm line 828
and here's the log from the switch:
Webgate-Switch# 19-Apr-2013 13:58:34 %AAA-W-REJECT: New ssh connection for user unKnown, source 192.168.2.106 destination 172.21.150.248 REJECTED
Doug,
If you ssh to the switch with "ssh username@switch" does it still prompt for the username? Seems like we'll need to handle that specially if so.
Thanks
Yes, it still asks for the username.
Give this version a shot, I updated the login method so hopefully it should login now. Run it the same as above with debug level 5.
https://sourceforge.net/p/netdbtracking/code/HEAD/tree/trunk/netdbscraper/
Thanks
I initially got the same error, but I managed to resolve it myself by removing the space after User Name: in this line:
my @output = $session->login("User Name: ","Password:");
so that it now reads:
my @output = $session->login("User Name:","Password:");
I've attached the debug files.
One thing I've noticed is that the switch name is showing up as '172' for everything.
the switch name problem is solved using a hostname in the command instead of an IP.
Other than that, I entered the switch in the devicelist.csv file. The data showing up in the db seems correct.
Doug,
Thanks for catching the login glitch. The reason you see 172 everywhere is because you are using the IP address instead of the hostname in the -d switch option, if you use the switch's hostname there that will fix it. If your switch isn't in DNS you can add an /etc/hosts entry for it and get around it that way.
The other problem I see is with the ch1 - ch8 interface in show in status. Could you get me the output for those interfaces from the show int status command? Instead of connected,notconnect they just show up as Not.
After that I think we'll be good to go.
Jonathan
Here's the output of those ports:
Ch Type Duplex Speed Neg control State
ch1 -- -- -- -- -- Not Present
ch2 -- -- -- -- -- Not Present
ch3 -- -- -- -- -- Not Present
ch4 -- -- -- -- -- Not Present
ch5 -- -- -- -- -- Not Present
ch6 -- -- -- -- -- Not Present
ch7 -- -- -- -- -- Not Present
ch8 -- -- -- -- -- Not Present
One other question I had. These Dell switches are daisy-chained together on access ports. I have host A that connects to switch-1, which connects to switch-2, which connects to switch-3. If I do a switch report for each switch, host A appears on all 3. If I query the mac address of host A, it appears only on switch-3. Is this expected behaviour? The host connects directly to switch-1, but I couldn't scan switch-1 before since it was a Dell switch. I assumed that after I could scan the Dell switch the host would appear on switch-1 in netdb, but that doesn't appear to be the case.
Doug,
I'll tweak the script and upload all the changes so far in a minute.
The problem is everything is on one VLAN and there's no detection of the uplink ports going on. If we could figure out what a trunk port would look like that would help others down the road. For right now the easiest way around the issue is to add ,skip_port=gi16 or whatever to your switch link is to the devicelist.csv file and it should filter out those ports.
Jonathan
On Apr 25, 2013, at 11:22 AM, smacdoug smacdoug@users.sf.net wrote:
Adding skip_port seems to have done the trick. I now see the host on the correct switch. There's a lot of old entries still there for the skipped ports, but I guess I need to wait for those to age out.
Thanks again.
Doug,
Great, if you want you can drop those ports from the database or just let them age out:
Backup the database:
netdbctl -bu /opt/netdb/data/backup.sql
Drop the data from those ports (you could use the netdbadmin SQL credentials if you don't know the root password):
mysql -u root -p
use netdb;
delete from switchports where switch='switch1' and port='g16';
Jonathan