Simple Cisco Network Management System Wiki

Brought to you by: mike47j

scan

Labels:

Authors:

Background scans

While the program is running there are many tasks running in the background checking all the equipment is working and trying to discover new equipment.

Normal Ping Scan

There are 4 tasks scanning the known devices. They start a new check on a device every ½ second. They ping all the managed interfaces on the device to find out which are up or down. The device icon is white if the device or all the interfaces are unmanaged, green is all the interfaces are up, red if they are all down (or unreachable), and yellow if at least one interface is up and one interface down. The up or down state depends on a rolling average of success and aims to show anything less than 97% good as down.

There is a fast queue for devices and interfaces which may have changed state. This is fed from a ping fail or an SNMP trap.

The ping time to the Main IP address is also logged by RRDTool, so that it can display a Graph over the last day or month.

Discovery

This pings every address in the specified subnet, if no subnet is specified then the default subnet is a class C subnet based on the PC’s IP address.　Since most of the addresses pinged will time out, a single task would take about 21 minutes just to scan a class C subnet.

So 10 tasks are started and do this at about ½ second per address, a Class C subnet should take just over 2 minutes, a class B subnet will still take over 9 hours, and a class A subnet would take about 97 days. Since it is not very useful to scan a large subnet, connected Cisco devices are found by Cisco Discovery Protocol (CDP) which is checked all the time in the background by the ReCheck scan. An SNMP trap from an unknown device will also add the device.

These task are run on start up and then about every 23 hours.

ReCheck Scan

There are 2 tasks checking known devices for a change. These do about 1 device every 30 seconds. They try to check for a MAC address change of an interface, or an SNMP or CDP availability change. It also checks devices with CDP to discover new devices.

SNMP Collect Scan

Every minute, 2 tasks run to collect SNMP traffic data from all the interfaces. They collect the ifInOctets and ifOutOctets for each interface. RRDTool then stores the data, and converts it to display/print graphs in bits/sec.