The string "[0]" instead of interface name in FDB for non-vlan1 ports

Started by rsk, July 12, 2016, 02:07:33 PM

Previous topic - Next topic

rsk

Hello.

I have just started setting up NetXMS, and I'm very impressed with the software.
I have been looking for monitoring software that's not "Nagios style" text configs and subprocess-plugins-for everything since quite a while.

However, I just can't find a way to solve this issue myself - hope you can help me.

NetXMS:
Version: 2.0.4
Platform: Windows, 64-bit
Database: PostgreSQL

Network:
All Cisco Catalyst.
Access switches are a mix of 3560G (IOS 12.x) and 2960X (IOS 15.x).
Core switches handling site's internal routing are 3750G (also IOS 12.x).
Everything is detected as CATALYST-GENERIC driver by NetXMS.

Problem:
Switchports that are in access mode in vlan 1, and ports that are in trunk mode and include vlan 1 in trunk vlans list are identified properly.
However, ports that do not include vlan 1 are shown as interface name "[ 0 ]" in the "Topology -> Switch forwarding database (MAC address table)" screen.

Because of that, the "Find MAC address" function falls back to showing "indirectly connected on <router trunk port>", for example.

I have verified with Wireshark that NetXMS is using the Cisco "community@123" vlan-indexing syntax.
However maybe that's part of issue - names for interfaces are retrieved for base "community" only, and it's somehow not matched to same interface index numbers in the @vlan data?


I have attached CSV dumps from the FDB screens for one of the switches - same behavior on all of them.
I'll be happy to attach a sanitized snmpwalk if you'll tell me what subtree you need.

switch13-infoFDB.csv: "Tools->Info->Switch forwarding database (FDB)"
* port 49 and 50 (SFP+ uplink trunks, including vlan 1)
* port 456 (PortGroup1 trunk, including vlan1)
* port 4 (access port in vlan1)
* no rows for other access ports


switch13-topologyFDB.csv: "Topology-> Switch forwarding database (MAC address table)"
* huge number of results for ports Gi1/0/49-50 (SFP+ uplink trunks, including vlan1)
* multiple results for port Po1 (PortGroup1 trunk, including vlan1)
* single result for port Gi1/0/4 (access port in vlan1)
* Many entries for devices connected to other access ports, showing "[ 0 ]" instead of the expected "Gi1/0/xxx".

Thank you very much!

Tatjana Dubrovica

#1
Hi.

Can you please provide walks for this OIDs:
.1.3.6.1.2.1.17.1.4.1.2
.1.3.6.1.2.1.2.1.0
.1.3.6.1.2.1.2.2.1.1
.1.3.6.1.2.1.31.1.1.1.1
.1.3.6.1.2.1.2.2.1.2

Thank you.

wonderboy

Tatjana,
Will post here 'cause I have the same issue.
I have a cisco switch 3550 (which is snmp-enabled) and sensor1 (disabled all polls except icmp) with mac 00:a2:19:60:00:00 that is connected to fa0/48 port (access port with vlan 10). FDB table for 3550 is showing me this:
00:a2:19:60:00:00    48    [0]     10      sensor1     dynamic
so FDB seems correct however I don't know what is 'interface' = 0 and in the interface tab of the object viewer netxms does not show any peer nodes, but it has to be fa0/48    .....     sensor1    192.168.x.x    FDB.

I attached requested OIDs.

wonderboy

I maybe wrong, but here is my thoughts about this.
ifIndex is 0 'cause ifIndexFromPort function return 0.
Take a look at fdb.cpp:

void ForwardingDatabase::addEntry(FDB_ENTRY *entry)
{
// Check for duplicate
for(int i = 0; i < m_fdbSize; i++)
if (!memcmp(m_fdb[i].macAddr, entry->macAddr, MAC_ADDR_LENGTH))
{
memcpy(&m_fdb[i], entry, sizeof(FDB_ENTRY));
m_fdb[i].ifIndex = ifIndexFromPort(entry->port);                        <--- here
return;
}

if (m_fdbSize == m_fdbAllocated)
{
m_fdbAllocated += 32;
m_fdb = (FDB_ENTRY *)realloc(m_fdb, sizeof(FDB_ENTRY) * m_fdbAllocated);
}
memcpy(&m_fdb[m_fdbSize], entry, sizeof(FDB_ENTRY));
m_fdb[m_fdbSize].ifIndex = ifIndexFromPort(entry->port);                             <--- and here
m_fdbSize++;
}


UINT32 ForwardingDatabase::ifIndexFromPort(UINT32 port)
{
for(int i = 0; i < m_pmSize; i++)
if (m_portMap[i].port == port)                   <---so it seems like portMap structure does not contain required port, why?
return m_portMap[i].ifIndex;
return 0;
}


portMap structure populated by "addPortMapping" function which is called from Dot1dPortTableHandler callback, and which is called from

ForwardingDatabase *GetSwitchForwardingDatabase(Node *node)
{
if (!node->isBridge())
return NULL;

ForwardingDatabase *fdb = new ForwardingDatabase(node->getId());
node->callSnmpEnumerate(_T(".1.3.6.1.2.1.17.1.4.1.2"), Dot1dPortTableHandler, fdb);              <---- here
node->callSnmpEnumerate(_T(".1.3.6.1.2.1.17.7.1.2.2.1.2"), Dot1qTpFdbHandler, fdb);


But this snmpenumerate request must also be vlan-context-aware as with followed code with mac address table request.

Here is a sample snmpwalks to the cisco switch:
admin@netxms:/home/admin# nxsnmpwalk -c community@10 172.x.x.x .1.3.6.1.2.1.17.1.4.1.2
.1.3.6.1.2.1.17.1.4.1.2.7 [INTEGER]: 7
.1.3.6.1.2.1.17.1.4.1.2.31 [INTEGER]: 31
.1.3.6.1.2.1.17.1.4.1.2.47 [INTEGER]: 43
.1.3.6.1.2.1.17.1.4.1.2.48 [INTEGER]: 44
.1.3.6.1.2.1.17.1.4.1.2.65 [INTEGER]: 53
admin@netxms:/home/admin# nxsnmpwalk -c community@11 172.x.x.x .1.3.6.1.2.1.17.1.4.1.2
.1.3.6.1.2.1.17.1.4.1.2.65 [INTEGER]: 53

Victor Kirhenshtein

Hi,

most likely you're right. If you can rebuild server from source, please try attached patch.

Best regards,
Victor