How to prevent specific network device types from being discovered?

Sometimes specific device categories (UPS units, printers, etc.) must be excluded from network discovery because of their low importance from the network monitoring perspective, because of security concerns, or because of their impact on Nectus processing load.

This can be achieved with the OID ignore list.

For example, we want to prevent all Xerox ApeosPort Series Printers from being discovered:

SNMP Platform ID: .1.3.6.1.4.1.297.1.11.93.1.35.8.6.2
Category Name: Xerox ApeosPort Series Printers

We need to take this category’s SNMP platform OID and add it to the “OID ignore” list located under “Settings -> Network Discovery settings”.

How to get Interfaces’ ifIndex values via SNMP

To obtain the list of ifIndex values for all interfaces of a given device, the SNMP polling agent has to send an SNMP GET BULK request for the following OID: .1.3.6.1.2.1.2.2.1.1

Response Example:

‘.1.3.6.1.2.1.2.2.1.1.1’ => “1”
‘.1.3.6.1.2.1.2.2.1.1.2’ => “2”
‘.1.3.6.1.2.1.2.2.1.1.3’ => “3”
‘.1.3.6.1.2.1.2.2.1.1.4’ => “4”
‘.1.3.6.1.2.1.2.2.1.1.5’ => “5”
‘.1.3.6.1.2.1.2.2.1.1.6’ => “6”
‘.1.3.6.1.2.1.2.2.1.1.7’ => “7”
‘.1.3.6.1.2.1.2.2.1.1.8’ => “8”
‘.1.3.6.1.2.1.2.2.1.1.9’ => “9”
‘.1.3.6.1.2.1.2.2.1.1.10’ => “10”
‘.1.3.6.1.2.1.2.2.1.1.11’ => “11”
‘.1.3.6.1.2.1.2.2.1.1.12’ => “12”
‘.1.3.6.1.2.1.2.2.1.1.13’ => “13”
‘.1.3.6.1.2.1.2.2.1.1.14’ => “14”
‘.1.3.6.1.2.1.2.2.1.1.15’ => “15”
‘.1.3.6.1.2.1.2.2.1.1.17’ => “17”

The next step is to get the interface names by sending an SNMP GET BULK request for the following OID: .1.3.6.1.2.1.2.2.1.2

Response Example:

‘.1.3.6.1.2.1.2.2.1.2.1’ => “TenGigabitEthernet0/0/0”
‘.1.3.6.1.2.1.2.2.1.2.2’ => “TenGigabitEthernet0/0/1”
‘.1.3.6.1.2.1.2.2.1.2.3’ => “GigabitEthernet0/0/0”
‘.1.3.6.1.2.1.2.2.1.2.4’ => “GigabitEthernet0/0/1”
‘.1.3.6.1.2.1.2.2.1.2.5’ => “GigabitEthernet0/0/2”
‘.1.3.6.1.2.1.2.2.1.2.6’ => “GigabitEthernet0/0/3”
‘.1.3.6.1.2.1.2.2.1.2.7’ => “GigabitEthernet0/0/4”
‘.1.3.6.1.2.1.2.2.1.2.8’ => “GigabitEthernet0/0/5”
‘.1.3.6.1.2.1.2.2.1.2.9’ => “Crypto-Engine0/0/8”
‘.1.3.6.1.2.1.2.2.1.2.10’ => “GigabitEthernet0”
‘.1.3.6.1.2.1.2.2.1.2.11’ => “Null0”
‘.1.3.6.1.2.1.2.2.1.2.12’ => “Port-channel1”
‘.1.3.6.1.2.1.2.2.1.2.13’ => “Port-channel2”
‘.1.3.6.1.2.1.2.2.1.2.14’ => “Port-channel2.599”
‘.1.3.6.1.2.1.2.2.1.2.15’ => “Port-channel2.11”
‘.1.3.6.1.2.1.2.2.1.2.17’ => “Port-channel2.3213”

Now we are able to match an interface name to an ifIndex value.

Please note that unless ifIndex persistence is enabled, a router (or switch) may assign a different ifIndex value to the same interface after a reboot.

To get a consistent ifIndex-to-interface mapping, ifIndex persistence must be enabled.

Configuration example for Catalyst 6500

Router(config)# snmp-server ifindex persist

Globally enables SNMP ifIndex persistence.
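
The matching step and the reboot caveat above, as an added Python example (not code from the original post or from Nectus). It joins the two responses on the OID suffix and reports interfaces whose ifIndex changed between two polls; the function names and the sample data are assumptions constructed for illustration.

```python
IFINDEX_OID = ".1.3.6.1.2.1.2.2.1.1"  # ifIndex column (from the page)
IFDESCR_OID = ".1.3.6.1.2.1.2.2.1.2"  # interface-name column (from the page)


def column_by_index(walk, column_oid):
    """Return {row suffix: value} for one column of a walk result."""
    prefix = column_oid + "."  # trailing dot keeps ...2.1.1 from matching ...2.1.10
    rows = {}
    for oid, value in walk.items():
        suffix = oid[len(prefix):]
        if oid.startswith(prefix) and suffix.isdigit():
            rows[int(suffix)] = value  # rows from other columns are dropped
    return rows


def map_interfaces(index_walk, name_walk):
    """Join the two columns on the OID suffix, never on list position."""
    indexes = column_by_index(index_walk, IFINDEX_OID)
    names = column_by_index(name_walk, IFDESCR_OID)
    return {int(indexes[i]): names[i] for i in sorted(indexes) if i in names}


def ifindex_drift(before, after):
    """Return {name: (old ifIndex, new ifIndex)} for renumbered interfaces."""
    old = {name: idx for idx, name in before.items()}
    new = {name: idx for idx, name in after.items()}
    return {n: (old[n], new[n]) for n in old if n in new and old[n] != new[n]}


# Constructed sample: a shortened copy of the responses above. The index walk
# also carries one row from the next column, as a GETBULK response can.
INDEX_WALK = {f"{IFINDEX_OID}.{i}": str(i) for i in (1, 2, 14, 15, 17)}
INDEX_WALK[f"{IFDESCR_OID}.1"] = "TenGigabitEthernet0/0/0"
NAME_WALK = {
    f"{IFDESCR_OID}.1": "TenGigabitEthernet0/0/0",
    f"{IFDESCR_OID}.2": "TenGigabitEthernet0/0/1",
    f"{IFDESCR_OID}.14": "Port-channel2.599",
    f"{IFDESCR_OID}.15": "Port-channel2.11",
    f"{IFDESCR_OID}.17": "Port-channel2.3213",
}
BEFORE = map_interfaces(INDEX_WALK, NAME_WALK)

# Constructed sample: the same device polled after a reboot without ifIndex
# persistence; the sub-interfaces came back with different ifIndex values.
AFTER = {1: "TenGigabitEthernet0/0/0", 2: "TenGigabitEthernet0/0/1",
         14: "Port-channel2.11", 15: "Port-channel2.599", 16: "Port-channel2.3213"}

if __name__ == "__main__":
    for idx, name in BEFORE.items():
        print(idx, name)
    print("renumbered:", ifindex_drift(BEFORE, AFTER))
```

A non-empty drift result means counters and alerts keyed by the old ifIndex values now point at the wrong interface until the mapping is refreshed.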

 

Generating Site level network topology with Nectus

This short video shows the basic steps to generate a site-level network topology.


SNMPv3 Configuration example for IOS-XR (ASR9k)

IOS-XR SNMPv3 configuration example for username “user-des”:

 

snmp-server group admins v3 priv
snmp-server user user-des admins v3 auth md5 "authpass" priv des56 "privpass" SystemOwner

 

This configuration uses the MD5 hash for authentication and the DES cipher (DES56) for encryption.

IOS-XR (as of 5.3.4 code) also supports stronger encryption options:

3DES – 168-bit 3DES algorithm for encryption
AES – 128-bit AES algorithm for encryption

How does Nectus discover your network?

During Nectus installation, the user can define up to 10 IPv4 subnets that will be used as initial seed subnets for the ICMP scan. Immediately after installation is completed, Nectus starts an ICMP scan of the provided subnets and builds a list of live IP addresses that responded to ping.

Submitting unknown SNMP devices for classification in Nectus

When Nectus discovers a new device, it uses the device's SNMP sysObjectID (1.3.6.1.2.1.1.2) value to classify the device by manufacturer, by major platform category and by model number.

For example, a sysObjectID value of 1.3.6.1.4.1.9.1.1018 is defined as:

Manufacturer Value: Cisco Systems (9)

Major Category: Cisco ASR 9000 Aggregation Services Routers

Model: Cisco ASR 9006 Routers

Can I see your network diagram?

What is the first question you ask when you start a new network project or start a new job as a network engineer?

– Can I see your network diagram?

Lucky you if you get it right away and in the “right” format (Visio?), but in my past I remember places where it took me weeks to find the right person who had that diagram, which was very often not up to date, or did not contain the information I needed, or was only showing application layer components, and I still had to spend hours doing “show cdp nei” and re-creating drawings the way I like them with the information I needed.