MJL85 / natlas

natlas - Network Discovery and Auto-Diagramming
GNU General Public License v2.0

tracemac always NOT FOUND #47

Open robp2175 opened 5 years ago

robp2175 commented 5 years ago
python3 natlas-cli.py tracemac -n 10.40.10.1 -m ffff.c538.3203
natlas v0.12.1
Michael Laforest <mjlaforest@gmail.com>
Python 3.6.7

HOP    NODE IP          NODE NAME                  VLAN     PORT          REMOTE NODE IP   REMOTE NODE NAME
---    -------          ---------                  ----     ----          --------------   ----------------
1      10.40.10.1
NOT FOUND

If I run show mac-address | include ffff.c538.3203 on the switch, it is there:

ffff.c538.3203 1/1/29 Dynamic 104

Not really sure where to start looking. Any help would be appreciated.

MJL85 commented 5 years ago

It looks like you are not pulling anything for SNMP from that device. Did you set up the SNMP community in the config file?

robp2175 commented 5 years ago

Yes, I have, and I can snmpwalk the device.

MJL85 commented 5 years ago

May I ask what switch model and software it's running?

edit: Also try the get-mac-table module to see if you can pull any MACs off the device.

robp2175 commented 5 years ago

Sure. I have tested it on two switches. One is a Brocade ICX-7450-48p. Not sure of the other, but I’ll get back to you.

robp2175 commented 5 years ago

The other switch is a Brocade ICX-7750-48P. I can snmpwalk on both of them, no problem.

snmpwalk -v 2c -c public 10.40.10.1

robp2175 commented 5 years ago

If it helps, the first bit of snmpwalk looks like this:

SNMPv2-MIB::sysDescr.0 = STRING: Brocade Communications Systems, Inc. ICX7750-48F, IronWare Version 08.0.30tT203 Compiled on Feb 13 2019 at 17:48:25 labeled as SWR08030t
SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.1991.1.3.60.2.1.1.3
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (357847100) 41 days, 10:01:11.00
SNMPv2-MIB::sysContact.0 = STRING:
SNMPv2-MIB::sysName.0 = STRING: MSRV01
SNMPv2-MIB::sysLocation.0 = STRING: Server Room
SNMPv2-MIB::sysServices.0 = INTEGER: 6
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORID.1 = OID: SNMPv2-SMI::zeroDotZero
SNMPv2-MIB::sysORDescr.1 = STRING:
SNMPv2-MIB::sysORUpTime.1 = Timeticks: (0) 0:00:00.00
IF-MIB::ifNumber.0 = INTEGER: 88

and with the actual OIDs

snmpwalk -v 2c -c public 10.40.10.1 -On
.1.3.6.1.2.1.1.1.0 = STRING: Brocade Communications Systems, Inc. ICX7750-48F, IronWare Version 08.0.30tT203 Compiled on Feb 13 2019 at 17:48:25 labeled as SWR08030t
.1.3.6.1.2.1.1.2.0 = OID: .1.3.6.1.4.1.1991.1.3.60.2.1.1.3
.1.3.6.1.2.1.1.3.0 = Timeticks: (357856400) 41 days, 10:02:44.00
.1.3.6.1.2.1.1.4.0 = STRING:
.1.3.6.1.2.1.1.5.0 = STRING: SRV01
.1.3.6.1.2.1.1.6.0 = STRING: Server Room
.1.3.6.1.2.1.1.7.0 = INTEGER: 6
.1.3.6.1.2.1.1.8.0 = Timeticks: (0) 0:00:00.00
.1.3.6.1.2.1.1.9.1.2.1 = OID: .0.0
.1.3.6.1.2.1.1.9.1.3.1 = STRING:
.1.3.6.1.2.1.1.9.1.4.1 = Timeticks: (0) 0:00:00.00
.1.3.6.1.2.1.2.1.0 = INTEGER: 88
.1.3.6.1.2.1.2.2.1.1.1 = INTEGER: 1

LaurentDumont commented 5 years ago

I assume that the neighbor detection is LLDP based for Brocade switches. It seems to be broken, and that might prevent the switch from jumping from your root node and starting the LLDP crawl till it finds the target MAC.

Just a wild guess though.

robp2175 commented 5 years ago

Tried the get-mac-table command as suggested. nada

PS C:\Scripts\natlas> python natlas-cli.py get-mac-table -n 10.40.10.1 -c public
natlas v0.12.1
Michael Laforest <mjlaforest@gmail.com>
Python 3.7.2

VLAN        Name

Collecting MACs...

PORT        MAC               VLAN        VLAN_Name
----        ---               ----        ---------

Found 0 VLANs
Found 0 MAC addresses

Completed in 0:0:4.61s

MJL85 commented 5 years ago

Could you walk SNMP at these two locations?

1.3.6.1.4.1.9.9.46.1.3.1.1.2
1.3.6.1.2.1.17.4.3.1.1

The first one is where the VLANs for that switch are located, and the second should be the CAM table. Brocade might be using different OIDs for either or both. Presently natlas was developed and tested only for Cisco, since that's really all I have access to. I would be more than happy to try to add support for other vendors, but it's tough without being able to test.

robp2175 commented 5 years ago

My apologies, it has taken me a bit to get back to this. I can confirm those two OIDs do not exist in a Brocade switch. This OID seems to give me a list of all my VLANs:

1.3.6.1.2.1.17.7.1.4.2.1.3

This OID gives me all my VLAN names:

1.3.6.1.2.1.17.7.1.4.3.1.1

And this seems to be the Brocade equivalent of the second OID you listed in Brocade. However, this OID seems to give me a list of all the MAC addresses on the switch:

1.3.6.1.2.1.17.4.3.1.1

This is an example of the output from an snmpwalk of this OID:

.1.3.6.1.2.1.17.4.3.1.1.140.220.212.39.205.150 = STRING: ff:ff:d4:27:cd:96

The below is from the MIB reference document:

The dot1dTpFdbTable (OID 1.3.6.1.2.1.17.4.4) in RFC 1493 is used to find dynamically learned MAC addresses. Statically configured MAC addresses are in the snFdbTable (refer to “Forwarding database static table information” on page 365).

I tried changing these values in snmp.py but I get this now, so clearly this was not correct. Not sure if I am getting closer or farther from the solution.

HOP    NODE IP          NODE NAME                  VLAN     PORT          REMOTE NODE IP   REMOTE NODE NAME
---    -------          ---------                  ----     ----          --------------   ----------------
1      10.40.10.1       [E] get_snmp_bulk(public@1): No SNMP response received before timeout
[E] get_snmp_bulk(public@1): No SNMP response received before timeout
[E] get_snmp_bulk(public@1): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115@116): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115@116): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115@116): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115@116@117): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115@116@117): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115@116@117): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115@116@117@118): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115@116@117@118): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115@116@117@118): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115@116@117@118@119): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115@116@117@118@119): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115@116@117@118@119): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115@116@117@118@119@121): No SNMP response received before timeout
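
The OID discussion above, as an added example that is not part of the thread or of natlas: it picks the VLAN-list OID from the enterprise number in sysObjectID and rebuilds MAC addresses from the row index of an `snmpwalk -On` of 1.3.6.1.2.1.17.4.3.1.1, so a Cisco-style `ffff.c538.3203` lookup matches whatever text form the agent prints. The function names, the fallback to the standard-tree OID for every non-Cisco device, the Cisco sysObjectID used in testing and the sample walk lines are assumptions constructed for illustration.

```python
import re

# OIDs quoted in the thread.
CISCO_VLAN_OID = "1.3.6.1.4.1.9.9.46.1.3.1.1.2"    # VLAN list, Cisco private tree
QBRIDGE_VLAN_OID = "1.3.6.1.2.1.17.7.1.4.2.1.3"    # VLAN list seen on the Brocade
FDB_ADDR_OID = "1.3.6.1.2.1.17.4.3.1.1"            # MAC (CAM) table, standard tree
ENTERPRISES = "1.3.6.1.4.1."

def enterprise_number(sys_object_id):
    """Return the vendor (enterprise) number embedded in a sysObjectID."""
    oid = sys_object_id.lstrip(".")
    if not oid.startswith(ENTERPRISES):
        raise ValueError("not an enterprise OID: " + sys_object_id)
    return int(oid[len(ENTERPRISES):].split(".")[0])

def vlan_list_oid(sys_object_id):
    """Assumption: only enterprise 9 (Cisco) answers under the private tree."""
    if enterprise_number(sys_object_id) == 9:
        return CISCO_VLAN_OID
    return QBRIDGE_VLAN_OID

def normalize_mac(mac):
    """Reduce ffff.c538.3203 or ff:ff:c5:38:32:03 to 12 lowercase hex digits."""
    digits = re.sub(r"[.:-]", "", mac.strip()).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError("not a MAC address: " + mac)
    return digits

def parse_fdb_walk(lines):
    """Collect MACs from the six decimal sub-identifiers that index each row."""
    prefix = "." + FDB_ADDR_OID + "."
    macs = set()
    for line in lines:
        oid = line.split(" = ", 1)[0].strip()
        if not oid.startswith(prefix):
            continue                      # other column or unrelated line
        index = oid[len(prefix):].split(".")
        if len(index) == 6 and all(p.isdigit() and int(p) < 256 for p in index):
            macs.add("".join("%02x" % int(p) for p in index))
    return macs

def mac_in_walk(mac, lines):
    return normalize_mac(mac) in parse_fdb_walk(lines)

# Constructed sample walk output (not taken from the switches in the thread).
SAMPLE_WALK = [
    ".1.3.6.1.2.1.17.4.3.1.1.0.17.34.51.68.85 = STRING: 0:11:22:33:44:55",
    ".1.3.6.1.2.1.17.4.3.1.1.2.0.94.16.32.48 = Hex-STRING: 02 00 5E 10 20 30",
    ".1.3.6.1.2.1.17.4.3.1.2.0.17.34.51.68.85 = INTEGER: 29",
]
```

Reading the MAC from the index rather than the value avoids differences in how agents render the six octets (STRING, Hex-STRING, dropped leading zeros).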