End Device Tracking Add-On for Cacti

[TheWitness]

Hello all. I have been working on the following add-on for Cacti 0.8.6g and I would like to know what you all think. Please review the graphs and post.

It is currently running on my production Cacti poller server (and can run elsewhere too) and scans the entire environment (over 1500) access switches, distribution switches, routers and hubs in less than 1 hour.

It currently works against:
1) Any 802.1d SNMP Device Supporting the 802.1d MIB
2) Cisco IOS
3) Cisco Catalyst
4) Cabletron Securefast
5) Cabletron SEHI
6) Any SNMP Enabled Router

Thanks,

TheWitness

[Pumpi]

What a cool and helpful addon TheWitness !!

Perhaps you can add dedicated support HP Procurve Switch devices ?

Thanks again !

[zuessi]

Looks very interesting.

I am running a perl-script collecting this information, but it just creates isolated text-files. The integraton into cacti is a brilliant idea.

Zuessi

[zuessi]

Looks very interesting.

I am running a perl-script collecting this information, but it just creates isolated text-files. The integraton into cacti is a brilliant idea.

Zuessi

[TheWitness]

Pumpi,

My todo list to complete the package is 12 items long. Once I chip away at the block a little more, I would be glad to support your procurve stuff.

If I could ask a favor though, could you please send me the sysDescr and sysObject OID's of all your devices in addition, walk the entire OID structure of your switch and shoot me those two files. You can be a pilot tester if you'd like.

It would also be beneficial if you could present a switch to the internet for me to poll with a device or two active.

Larry

[Mikkel]

Looks great! Where's the download link?

[gondo]

Oh my....

My oh my oh my....

lions and tigers and bears....

sniff sniff....

wow....

consolidated dashboards coming to a cacti install close to you....

Now in seroiusness, I have been a user of Cacti for a year.
The strides that have been made to get the code base under control, create the plug-in api, etc. have finally convinced me to offer services for Beta testing 0.9. I would not have committed if I had not seen the awesome job yin's guys have made. (yes, originally from Pittsburgh, PA.)

CACTI ROCKS SOCKS!

[gaurav]

This looks excellent!! When will this be available for download?

Thanks,
- Gaurav

[rony]

Guys, let him finish it already...

[gaurav]

[gandalf]

Well, looks great, indeed.
I'm looking forward to those cool filtering option shown in the screenshots. But what about the data sampling method? Is it SNMPing around the world? Is ith arpwatch like (but what about routing domains). Will it be possible, to specify IP Ranges/Nets to supress scanning clients?
Sorry for all theses "requirements", but I think the approach will speed up the cacti community!
Reinhard

[TheWitness]

Here is the theory of operation.

The success to end device tracking relies on "Sites". These are groupings of switches and intellegent hubs that are served by one or more routers.

The concept is quite simple. Scan all Layer2/Layer1 devices dot1d (and other OID's depending on vendor) for MAC to PortNumber relationships. Avoid all non-user, trunk, and link ports by being smart. Then, for that same sites router(s), grab the ARP table(s). Combine the two and you are done. It works like a charm.

Note: THERE IS NO END DEVICE SCANNING THAT TAKES PLACE AS A PART OF THIS PRODUCT. A nice feature would be to have each sites routers force a "Hello" packet prior to the scan to get all end devices to refresh their respective switches bridge tables.

However, a good practice is to have your routers ARP timeout closely align with the corresponding bridge timers anyway. So, as long as you have a well managed router/switch configuration policy, this should not be required.

As I stated, I am currently running an early Alpha at my location. I am scanning over 1500 switches and routers in less than an hour and returning well over 20k IP addresses and 20k MAC addresses.

As of right now, the user interface is 100% complete with the exception of the "Device Types", which I planned to work on this weekend. Then, I have to work on an install script, documentation, and specifics around the calling of the scanner from the poller along the way.

I don't want to release it too early and then have to appologize later.

TheWitness

[Tramjoe]

TheWitness,

I like it a lot !

However, I can't help but asking :
- is this supposed to be able to feed a L2 topology map description (like, say, a nice XML format we could parse and then fedd to whatever map-generator we have)
- Once the IPs and MAC addresses are known, is there a way to consolidate thoses belonging to a single physical host manually / automatically using SNMP
- Have you considered using nmap + SNMP on IPs and some rulebase linking results to host templates ? This yould be awesome to automatically have new hosts poping up added to cacti main devices list !
- Generally speaking, what kind of linking/consolidation do you intend to have between the plugin discovered network interfaces and cacti main devices list ?

Anyway, nonwhistanting your answers to previous questions, I volunteer to test it (even in early stage) and help debuging it / extending it with my network router/switches (dell, cisco, 3com).

The screenshots really look promising, but I nedd to see this in action ! (helping to keep the pressure on ;-p)

[mgb]

This looks great. Will this be made like a plugin or a patch to the current working version of cacti?

Michael

[TheWitness]

I have discussed this with the other developers and we are going to make it a plugin (although and extensive one) for right now. We'll see how it goes.

TheWitness