no values for Dot1x and browser hangs

[hans-mayer]

Dear Developers,

My environment: GNU/Linux 4.15.0-45 , PHP 7.2.19-0ubuntu0.18.04.1, Cacti Version 1.2.5 from Github latest commit f5205ab7ff714ccb0c180e23d812ff2d5728896f, MacTrack 4.4 latest commit bfe38cc704da87a567ee8418d62bf186ae1403ac (HEAD -> develop, origin/develop, origin/HEAD)

Almost all is working fine with MacTrack. I see all my devices, thousands of IP's, MAC's and even more interfaces.

We are using 802.1x in our Cisco network. But when I click on the "Dot1x" button in MacTrack the lists stays empty. Also the browser hangs. Even opening a new incognito window does not help. I have to terminate the browser and to restart. Or waiting about 10 minutes for "Console". I tested with Chrome and Firefox on MacOS and Windows 10.

I configured a device scanning function called "CiscoSwitchRouter". For MAC address scanning I selected "get_IOS_dot1dTpFdbEntry_ports" and for IP address scanning I have "get_standard_arp_table" which works obviously fine for both as I see the values. For 802.1x scanning I have only one possibility "get_cisco_dot1x_table".

Any ideas how I can working to run Dot1x ? Can I provide you with any additional information ? Turning on some debuging ? MySQL dump ??

Kind regards Hans

--

[jdcoats]

I realize that this is not going to be helpful but I'll give my 2 cents anyway. The dot1x scanning function is known to not be working yet. Just ignore the button and don't enable it until its fixed :)

[hans-mayer]

OK. thanks. :-( But the button should at least not hang up the browser.

In any case, many thanks to the developer. It's a great tool.

// Hans

[jpobeda]

What Cisco platform are you running?

Additionally you could try https://github.com/Cacti/plugin_mactrack/wiki/MIB-Support-by-Vendor-(Work-in-progress) and see if any of those OIDs return values.

Errors in Cacti logs?

It works for me but I stopped updating Cacti at 1.1.37 version so I'm far from the latest at this point.

[hans-mayer]

Hi jpobeda

Thanks for the link. I tested these OIDs listed below "get_cisco_dot1x_table" with snmpwalk and I got results. But the cacti web page hangs when I click on the dot1x button. I see just now there is a MySQL table called "mac_track_dot1x". It has a lot of data. So, collecting data should work. But displaying not.

Kind regards Hans

--

[jpobeda]

@hans-mayer

Have you checked Cacti's log for errors? It's a long way from the version I'm running to yours so I can't really help you here. Let's try summoning the great @netniV and see what happens :O

The fact that you mentioned there are records on dot1x table means that the scanning function is collecting the record, the browser queries are blowing up or something else

[netniV]

As much as I feel like the wizard of oz after reading that... I haven't used MacTrack for a while so I'd have to get it all setup again.

[TheWitness]

As I see it, it's all about the join being a full join, which will crash a database good as the number of records increase. We need the join to be converted to an inner join such that only the correct number of records are returned. That is my recollection of the problem. It's been a while since I've touched MacTrack as you can imagine.

[jdcoats]

It works for a few switches but when you get up to 23000+ records it bombs the browser. Also the IP address field isn't parsed correctly for me. I end up with either a reverse hex of the ip address like "0A 0A DD 2C" or its just junk like '+"' or '%"' or any of other no meaningful characters.

[jpobeda]

That IPv4 problem is detailed here: https://github.com/Cacti/plugin_mactrack/issues/76

Agree that with lots of records it blows up, that's why I clean them up from time to time. That's why I also logged this: https://github.com/Cacti/plugin_mactrack/issues/42 asking for help for the data retention part of it. That bit is used for all other tables and different functions so it was a lot to consider.

Regarding the query that blows up the browser was my lack of MySQL knowledge on top of my lack of PHP knowledge and skills :)

I don't have the time now to review it myself but even If I had the time I lack the knowledge to fix it myself :(

Happy to help tho,

[TheWitness]

Anyone want to fix this? I don't have the equipment to do the testing, but would be okay to review your installs after hours or before working hours EDT/EST (after the 21st).

[jdcoats]

@TheWitness I can make my self available when you have the time to look into the issue. I bet we can blow up the dot1x table rather quickly.

[TheWitness]

@jdcoats, how about 1:00pm EST today? If that works, send an email to thewitness at cacti dot net with a meeting invite.

[jdcoats]

@hans-mayer check out todays changes and test please.

[TheWitness]

Until the update is released, you should also run the following alter statement:

ALTER TABLE mac_track_dot1x MODIFY COLUMN port_name int(10) unsigned NOT NULL default '0';