Network Discovery - Passive mode

Started by maggio, April 29, 2010, 03:53:51 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

maggio

April 29, 2010, 03:53:51 PM
Hi,

I would like to know how network discovery (passive mode) work?
All my network device are under subnet 130.224.0.0/255.255.0.0, and i would like to discover then with passive mode and with larger network as 130.0.0.0 (not specifing .224 for example)

Is it possible? how long it will take to discover my network ?

Thanks a lot.
Maggio

maggio

#1
April 29, 2010, 04:12:21 PM
Which are the specific difference between active and only passive, network discovery ?

Thanks.
Maggio

Victor Kirhenshtein

#2
April 29, 2010, 11:49:06 PM
Hello!

In passive mode, NetXMS server only collects information about network devices by reading ARP caches and routing tables on already known devices. In active mode, server additionally pings every address in given subnets and uses responding addresses as well.

Network discovery can take many hours or even days, it depends on network size. Also, don't forget that NetXMS server should have SNMP access to as much network devices as possible to be able to obtain required information.

You can discover all reachable devices and networks, just make sure that your devices and firewalls allows SNMP requests from NetXMS server.

Best regards,
Victor

maggio

#3
April 30, 2010, 01:13:49 PM
Hi,

Can you confirm that passive mode works only with already known devices ? If yes, i have to run my first discovery obligatory with the active mode.
Can you confirm that nexms try ping on all IP of the subnet. If yes, could take a very long time. Is it correct?

Thanks!

Victor Kirhenshtein

#4
May 01, 2010, 11:04:40 AM
Hi!

I mean that in passive mode NetXMS uses data from known devices to find new devices. For example, you have one device in NetXMS - router with IP address 10.0.0.1 accessible with SNMP. During discovery poll, server reads ARP cache and routing table from that router. For example, it founds two entries in router's ARP cache - 10.0.0.7 and 10.0.0.44. NetXMS then adds new devices with addresses 10.0.0.7 and 10.0.0.44 (if filter does not prevent it), and do discovery poll on them if possible - and that process repeats for each found device. You need active discovery only if you have devices which may not communicating with already known devices, so they will not appear in known devices' ARP cache.

And yes, pinging all IP addresses on subnet can take very long time, especially if you have many unused addresses, because server will wait for possible reply for each address.

Best regards,
Victor
Print
Go Up Pages1
User actions