Add Trunk port for Scanning MACs

Support questions about the MAC Track plugin

Moderators: Moderators, Developers

Post Reply
Author
Message
jagmeetbhinder
Posts: 40
Joined: Sun Oct 21, 2012 10:42 pm

Add Trunk port for Scanning MACs

#1 Post by jagmeetbhinder » Wed Aug 26, 2015 12:38 pm

Hi,

I have some ports on nexus switches configured as trunk ports and connected to VMware but these ports are users ports. Can someone please help me adding these ports to mac scanning and exclude only trunk unlink ports.

Thanks

monitoringisfuncr
Posts: 11
Joined: Wed Dec 07, 2016 11:25 am

Re: Add Trunk port for Scanning MACs

#2 Post by monitoringisfuncr » Tue May 30, 2017 12:48 pm

Regarding this topic, right or wrong, I also have a need to be able to Scan / Detect MACs and IPs up the trunk port that attach to our Cisco L3 Switches / Routers ( Most happen to be Nexus , but some are a flavor of catalyst switches ). Do you know if anyone has been able to get it to work ? I'm running MACTrack Version 3.0 now and everything works beautifully however I'm missing a lot of important information about our environment since we have a lot of Trunks to devices off our Cisco Gear.

Is MACTrack version 3 supposed to be able to Detect MACs / IPs up a trunk ? I’ve read around forums etc. and see its been a sorta controversial topic / request in the past.

I love all the Cisco specific stuff that MACTrack collects / displays for my cisco gear ( we’re 100% cisco shop ) so I rather not lose any info from a scan perspective , but would really appreciate the ability to get MACs / IPs up a trunked port.

Currently I’m set to :
- Device Type : Switch/Router
- Scanning Function : “get_IOS_dot1dTpFdbEntry_ports”
- IP Address Scanning Function : “get_standard_arp_table”.

Would switching to “generic ports” etc. scanning functions help me gather trunked info, ( hopefully not losing anything cisco handy info based ) ?

Please help.

Thanks

User avatar
XTech
Cacti User
Posts: 59
Joined: Sat May 26, 2012 9:25 pm

Re: Add Trunk port for Scanning MACs

#3 Post by XTech » Tue May 30, 2017 10:56 pm

If you decide to switch to generic scanning function you will lose all vlan information.
You need to modify the code in file <mactrack_dir>/lib/mactrack_cisco.php after the comment: /* only output legitimate user ports */ in corresponding scanning function

monitoringisfuncr
Posts: 11
Joined: Wed Dec 07, 2016 11:25 am

Re: Add Trunk port for Scanning MACs

#4 Post by monitoringisfuncr » Wed May 31, 2017 7:01 am

Thank you very much for your reply. I post things on here all the time and never get replies, so I sincerely appreciate it ! I'm glad you mentioned that as I was starting to head down that path of modifying the cisco.php file under the mactrack lib directory. I was reading the comment "only output legitimate user ports" area and thought that might be where I have to modify something however wasn't sure exactly what and didn't want to break anything. Could you by chance help explain / suggest what I should modify there to get it to work ? I would really appreciate any assistance.

User avatar
jrush
Posts: 8
Joined: Tue May 30, 2017 3:50 am

Re: Add Trunk port for Scanning MACs

#5 Post by jrush » Wed May 31, 2017 8:53 am

Here is just mistake in word legitimate )) - written as legitamate
For me, for showing MAC-s also on trunk ports help this modification in "mactrack_cisco.php" insode of function "get_IOS_dot1dTpFdbEntry_ports()":

Code: Select all

                                /* only output legitamate end user ports */
                                if ($ifType == 6) {
                                        if (1 || ($portTrunkStatus == "2") || (empty($portTrunkStatus)) || (($vVlanID > 0) && ($vVlanID <= 1005))) {
(Here i add "1 ||" in second "if" statement)

monitoringisfuncr
Posts: 11
Joined: Wed Dec 07, 2016 11:25 am

Re: Add Trunk port for Scanning MACs

#6 Post by monitoringisfuncr » Wed May 31, 2017 12:30 pm

Thanks jrush.

I noticed there are 2 sections that have the verbiage : /* only output legitamate end user ports */" within the mactrack_cisco.php file. Do I edit both sections the same way as you illustrated ? ( which essentially seems to add (1 || at the begining of the second IF statement ? ). Thanks again.

monitoringisfuncr
Posts: 11
Joined: Wed Dec 07, 2016 11:25 am

Re: Add Trunk port for Scanning MACs

#7 Post by monitoringisfuncr » Wed May 31, 2017 12:33 pm

As it stands, the current mactrack_cisco.php file has both of these sections :
How should each section be edited to allow me to scan the MACs of the trunked ports ?


/* only output legitamate end user ports */
if ($ifType == 6) {
if (($portTrunkStatus == "2") ||
(empty($portTrunkStatus)) ||
(($vVlanID > 0) && ($vVlanID <= 1000))) {
$port_array[$i]["vlan_id"] = $active_vlan["vlan_id"];
$port_array[$i]["vlan_name"] = $active_vlan["vlan_name"];
$port_array[$i]["port_number"] = $portNumber;
$port_array[$i]["port_name"] = $portName;
$port_array[$i]["mac_address"] = xform_mac_address($port_result["mac_address"]);
$device["ports_active"]++;
$i++;

mactrack_debug("VLAN: " . $active_vlan["vlan_id"] . ", " .
"NAME: " . $active_vlan["vlan_name"] . ", " .
"PORT: " . $portNumber . ", " .
"NAME: " . $portName . ", " .
"MAC: " . $port_result["mac_address"]);




/* only output legitamate end user ports */
if (($ifType == 6) && ($portTrunk == 2)) {
if (($portTrunkStatus == "2")||($portTrunkStatus == "4")||($portTrunkStatus =="")) {
$port_array[$i]["vlan_id"] = $active_vlan["vlan_id"];
$port_array[$i]["vlan_name"] = $active_vlan["vlan_name"];
$port_array[$i]["port_number"] = $ifInterfaces[$ifIndex]["ifName"];
$port_array[$i]["port_name"] = $portName;
$port_array[$i]["mac_address"] = xform_mac_address($port_result["mac_address"]);
$device["ports_active"]++;
$i++;

mactrack_debug("VLAN: " . $active_vlan["vlan_id"] . ", " .
"NAME: " . $active_vlan["vlan_name"] . ", " .
"PORT: " . $ifInterfaces[$ifIndex]["ifName"] . ", " .
"NAME: " . $portName . ", " .
"MAC: " . $port_result["mac_address"]);
}
}

User avatar
jrush
Posts: 8
Joined: Tue May 30, 2017 3:50 am

Re: Add Trunk port for Scanning MACs

#8 Post by jrush » Wed May 31, 2017 3:23 pm

monitoringisfuncr, because i'm using only "get_IOS_dot1dTpFdbEntry_ports" method for my Ciscos in "MacTrack Device Type", I modify only second section.
For understanding, in mactrack_cisco.php: "function get_IOS_dot1dTpFdbEntry_ports" you have this:

Code: Select all

/* only output legitamate end user ports */
if ($ifType == 6) {
if (($portTrunkStatus == "2") ||
(empty($portTrunkStatus)) ||
(($vVlanID > 0) && ($vVlanID <= 1000))) {
And need to modify it to this (was added "1||" at the beginning):

Code: Select all

/* only output legitamate end user ports */
if ($ifType == 6) {
if (1 || ($portTrunkStatus == "2") ||
(empty($portTrunkStatus)) ||
(($vVlanID > 0) && ($vVlanID <= 1000))) {

monitoringisfuncr
Posts: 11
Joined: Wed Dec 07, 2016 11:25 am

Re: Add Trunk port for Scanning MACs

#9 Post by monitoringisfuncr » Thu Jun 01, 2017 9:14 am

Hey jrush,

Thanks for the suggestion / example. I did as you mentioned - adding the (1 || in front of second IF statement after the bottom section that mentions : "Code:
/* only output legitamate end user ports */" , refreshed the scanning functions, and re-scanned, however unfortunately the MAC tab still does not populate the MACs learned on the trunk ports. I wish I knew what else i'm missing / doing wrong here as I really do need to get this working. I'm at a loss.

monitoringisfuncr
Posts: 11
Joined: Wed Dec 07, 2016 11:25 am

Re: Add Trunk port for Scanning MACs

#10 Post by monitoringisfuncr » Thu Jun 01, 2017 10:07 am

Perhaps part of my problem now that I'm digging into results since that adjustment, is that the MACs that I'm expecting to learn are actually being learned on the Cisco Port-Channels. It does not appear that MAC Track shows information regarding port-channels. Is there something that I need to tweak so that MACtrack understands / includes port channel interfaces with it's results ? ( I think that might be part of the problem ). I did find a comment about MAC Track port channels in the post / link below however I'm not sure how to incorporate / use it ( I'm not the best with reading / editing / incorporating new code ).

http://forums.cacti.net/viewtopic.php?t=36804

Thanks in advance if anyone has thoughts / suggestions !

monitoringisfuncr
Posts: 11
Joined: Wed Dec 07, 2016 11:25 am

Re: Add Trunk port for Scanning MACs

#11 Post by monitoringisfuncr » Thu Jun 01, 2017 11:48 am

I made the changes to the mactrack_cisco.php and mactrack_functions.php files as the link suggested. Removing ( - ) the lines and Adding ( + ) lines as the update script suggested and now I get port channel information back for Catalyst / IOS devices which is great, however I still don't get back Cisco Nexus port-channel information which is the bulk of what I need to get back. Any chance you know what would be different with Cisco Nexus port channels vs Catalyst / IOS port channels with regards to those files ?

monitoringisfuncr
Posts: 11
Joined: Wed Dec 07, 2016 11:25 am

Re: Add Trunk port for Scanning MACs

#12 Post by monitoringisfuncr » Thu Jun 01, 2017 3:52 pm

I think I see the problem.... Per the Patch / Script ( mactrack_cisco_etherchannel.patch ) it looks for matches with : Po# ( preg_match("/^Po\d/" ) , then populates MAC Track results. See the difference between how MACTrack sees the Cat/IOS port channels ( ifName ) VS Nexus port channels via my screenshot. How do I edit the mactrack_cisco.php and mactrack_functions.php files to be able to display BOTH the Cat/IOS port channels ( as it is currently working great ) , but ALSO display the Nexus port channels ? ( Assuming I need an OR in the logic , but don't know enough about the code to write that in ). Follow ?


How the Cat/IOS ifNames are for Port-Channels : ( ifName follows scheme Po## )

mysql> select site_id, device_id, ifIndex, ifName, ifAlias, ifDescr, ifType from mac_track_interfaces where device_id=1 AND ifType=53;
+---------+-----------+---------+-----------+------------------------------------------------+--------------------+--------+
| site_id | device_id | ifIndex | ifName | ifAlias | ifDescr | ifType |
+---------+-----------+---------+-----------+------------------------------------------------+--------------------+--------+
| 1 | 1 | 212 | Po11 | Rack 1A-1 | Port-channel11 | 53 |
| 1 | 1 | 213 | Po12 | Rack 1A-2 | Port-channel12 | 53 |



How the Nexus ifNames are for Port-Channels : ( ifName follows scheme port-channel## )

mysql> select site_id, device_id, ifIndex, ifName, ifAlias, ifDescr, ifType from mac_track_interfaces where device_id=16 AND ifType=53;
+---------+-----------+-----------+------------------+-----------------------------+------------------+--------+
| site_id | device_id | ifIndex | ifName | ifAlias | ifDescr | ifType |
+---------+-----------+-----------+------------------+-----------------------------+------------------+--------+
| 6 | 16 | 369098753 | port-channel2 | tor-dc-oob-sw | port-channel2 | 53 |
| 6 | 16 | 369099752 | port-channel1001 | torinfesx01 | port-channel1001 | 53 |
Attachments
MAC Track SQL Query Difference Between Cat IOS and Nexus PortChannel Display for MACs_BOTH-Versions.JPG
MAC Track SQL Query Difference Between Cat IOS and Nexus PortChannel Display for MACs_BOTH-Versions.JPG (116.21 KiB) Viewed 1115 times

Post Reply