Add Trunk port for Scanning MACs
-
- Posts: 40
- Joined: Sun Oct 21, 2012 10:42 pm
Add Trunk port for Scanning MACs
Hi,
I have some ports on Nexus switches configured as trunk ports and connected to VMware, but these ports are user ports. Can someone please help me add these ports to MAC scanning and exclude only trunk uplink ports?
Thanks
-
- Posts: 11
- Joined: Wed Dec 07, 2016 11:25 am
Re: Add Trunk port for Scanning MACs
Regarding this topic, right or wrong, I also have a need to be able to Scan / Detect MACs and IPs up the trunk port that attach to our Cisco L3 Switches / Routers ( Most happen to be Nexus , but some are a flavor of catalyst switches ). Do you know if anyone has been able to get it to work ? I'm running MACTrack Version 3.0 now and everything works beautifully however I'm missing a lot of important information about our environment since we have a lot of Trunks to devices off our Cisco Gear.
Is MACTrack version 3 supposed to be able to Detect MACs / IPs up a trunk ? I’ve read around forums etc. and see it's been a sorta controversial topic / request in the past.
I love all the Cisco specific stuff that MACTrack collects / displays for my cisco gear ( we’re 100% cisco shop ) so I'd rather not lose any info from a scan perspective , but would really appreciate the ability to get MACs / IPs up a trunked port.
Currently I’m set to :
- Device Type : Switch/Router
- Scanning Function : “get_IOS_dot1dTpFdbEntry_ports”
- IP Address Scanning Function : “get_standard_arp_table”.
Would switching to “generic ports” etc. scanning functions help me gather trunked info, ( hopefully not losing anything cisco handy info based ) ?
Please help.
Thanks
Re: Add Trunk port for Scanning MACs
If you decide to switch to generic scanning function you will lose all vlan information.
You need to modify the code in file <mactrack_dir>/lib/mactrack_cisco.php after the comment: /* only output legitimate user ports */ in corresponding scanning function
-
- Posts: 11
- Joined: Wed Dec 07, 2016 11:25 am
Re: Add Trunk port for Scanning MACs
Thank you very much for your reply. I post things on here all the time and never get replies, so I sincerely appreciate it ! I'm glad you mentioned that as I was starting to head down that path of modifying the cisco.php file under the mactrack lib directory. I was reading the comment "only output legitimate user ports" area and thought that might be where I have to modify something however wasn't sure exactly what and didn't want to break anything. Could you by chance help explain / suggest what I should modify there to get it to work ? I would really appreciate any assistance.
Re: Add Trunk port for Scanning MACs
Here is just mistake in word legitimate )) - written as legitamate
For me, for showing MAC-s also on trunk ports help this modification in "mactrack_cisco.php" inside of function "get_IOS_dot1dTpFdbEntry_ports()":
(Here I add "1 ||" in second "if" statement)
Code:
/* only output legitamate end user ports */
if ($ifType == 6) {
    if (1 || ($portTrunkStatus == "2") || (empty($portTrunkStatus)) || (($vVlanID > 0) && ($vVlanID <= 1005))) {
-
- Posts: 11
- Joined: Wed Dec 07, 2016 11:25 am
Re: Add Trunk port for Scanning MACs
Thanks jrush.
I noticed there are 2 sections that have the verbiage : "/* only output legitamate end user ports */" within the mactrack_cisco.php file. Do I edit both sections the same way as you illustrated ? ( which essentially seems to add (1 || at the beginning of the second IF statement ? ). Thanks again.
-
- Posts: 11
- Joined: Wed Dec 07, 2016 11:25 am
Re: Add Trunk port for Scanning MACs
As it stands, the current mactrack_cisco.php file has both of these sections :
How should each section be edited to allow me to scan the MACs of the trunked ports ?
/* only output legitamate end user ports */
if ($ifType == 6) {
    if (($portTrunkStatus == "2") ||
        (empty($portTrunkStatus)) ||
        (($vVlanID > 0) && ($vVlanID <= 1000))) {
        $port_array[$i]["vlan_id"] = $active_vlan["vlan_id"];
        $port_array[$i]["vlan_name"] = $active_vlan["vlan_name"];
        $port_array[$i]["port_number"] = $portNumber;
        $port_array[$i]["port_name"] = $portName;
        $port_array[$i]["mac_address"] = xform_mac_address($port_result["mac_address"]);
        $device["ports_active"]++;
        $i++;
        mactrack_debug("VLAN: " . $active_vlan["vlan_id"] . ", " .
            "NAME: " . $active_vlan["vlan_name"] . ", " .
            "PORT: " . $portNumber . ", " .
            "NAME: " . $portName . ", " .
            "MAC: " . $port_result["mac_address"]);
    }
}

/* only output legitamate end user ports */
if (($ifType == 6) && ($portTrunk == 2)) {
    if (($portTrunkStatus == "2")||($portTrunkStatus == "4")||($portTrunkStatus =="")) {
        $port_array[$i]["vlan_id"] = $active_vlan["vlan_id"];
        $port_array[$i]["vlan_name"] = $active_vlan["vlan_name"];
        $port_array[$i]["port_number"] = $ifInterfaces[$ifIndex]["ifName"];
        $port_array[$i]["port_name"] = $portName;
        $port_array[$i]["mac_address"] = xform_mac_address($port_result["mac_address"]);
        $device["ports_active"]++;
        $i++;
        mactrack_debug("VLAN: " . $active_vlan["vlan_id"] . ", " .
            "NAME: " . $active_vlan["vlan_name"] . ", " .
            "PORT: " . $ifInterfaces[$ifIndex]["ifName"] . ", " .
            "NAME: " . $portName . ", " .
            "MAC: " . $port_result["mac_address"]);
    }
}
Re: Add Trunk port for Scanning MACs
monitoringisfuncr, because I'm using only "get_IOS_dot1dTpFdbEntry_ports" method for my Ciscos in "MacTrack Device Type", I modify only second section.
For understanding, in mactrack_cisco.php: "function get_IOS_dot1dTpFdbEntry_ports" you have this:
Code:
/* only output legitamate end user ports */
if ($ifType == 6) {
    if (($portTrunkStatus == "2") ||
        (empty($portTrunkStatus)) ||
        (($vVlanID > 0) && ($vVlanID <= 1000))) {
And need to modify it to this (was added "1||" at the beginning):
Code:
/* only output legitamate end user ports */
if ($ifType == 6) {
    if (1 || ($portTrunkStatus == "2") ||
        (empty($portTrunkStatus)) ||
        (($vVlanID > 0) && ($vVlanID <= 1000))) {
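What the "1 ||" edit does to the filter, next to a variant that keeps trunk ports but skips named uplinks, which is what the first post asked for. This is an added example, not mactrack code and not any poster's code; the function names, the port rows and the uplink name are constructed, and trunk status "1" is assumed to mean trunking.

```php
<?php
// Added example, not mactrack code. Variable names follow the snippet in the
// thread; the port rows and uplink names below are constructed.

// Inner test of get_IOS_dot1dTpFdbEntry_ports() as quoted in the thread.
function original_filter($portTrunkStatus, $vVlanID): bool {
    return ($portTrunkStatus == "2") || empty($portTrunkStatus) ||
           (($vVlanID > 0) && ($vVlanID <= 1000));
}

// The same test with "1 ||" in front: the rest is never evaluated.
function patched_filter($portTrunkStatus, $vVlanID): bool {
    return 1 || original_filter($portTrunkStatus, $vVlanID);
}

// Hypothetical alternative: keep trunk ports, drop only the listed uplinks.
function skip_uplinks_filter(string $portName, array $uplinks): bool {
    return !in_array($portName, $uplinks, true);
}

function compare_filters(array $ports, array $uplinks): array {
    $rows = array();
    foreach ($ports as $p) {
        if ($p["ifType"] != 6) { continue; }          // outer test from the thread
        $rows[$p["name"]] = array(
            "original"     => original_filter($p["trunk"], $p["vlan"]),
            "patched"      => patched_filter($p["trunk"], $p["vlan"]),
            "skip_uplinks" => skip_uplinks_filter($p["name"], $uplinks),
        );
    }
    return $rows;
}

$uplinks = array("Eth1/49");                          // constructed uplink name
$ports = array(                                       // constructed rows; "1" assumed to mean trunking
    array("name" => "Eth1/1",  "ifType" => 6, "trunk" => "2", "vlan" => 10), // access port
    array("name" => "Eth1/2",  "ifType" => 6, "trunk" => "1", "vlan" => 0),  // trunk to a VMware host
    array("name" => "Eth1/49", "ifType" => 6, "trunk" => "1", "vlan" => 0),  // trunk uplink
);

foreach (compare_filters($ports, $uplinks) as $name => $r) {
    printf("%-8s original=%-5s patched=%-5s skip_uplinks=%s\n", $name,
        var_export($r["original"], true), var_export($r["patched"], true),
        var_export($r["skip_uplinks"], true));
}
```

With "1 ||" every ifType 6 port passes, the uplink included, so MACs learned across the uplink are recorded against it as well; the exclusion-list variant reports the host-facing trunk and leaves the uplink out.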
-
- Posts: 11
- Joined: Wed Dec 07, 2016 11:25 am
Re: Add Trunk port for Scanning MACs
Hey jrush,
Thanks for the suggestion / example. I did as you mentioned - adding the (1 || in front of second IF statement after the bottom section that mentions : "Code: /* only output legitamate end user ports */" , refreshed the scanning functions, and re-scanned, however unfortunately the MAC tab still does not populate the MACs learned on the trunk ports. I wish I knew what else I'm missing / doing wrong here as I really do need to get this working. I'm at a loss.
-
- Posts: 11
- Joined: Wed Dec 07, 2016 11:25 am
Re: Add Trunk port for Scanning MACs
Perhaps part of my problem now that I'm digging into results since that adjustment, is that the MACs that I'm expecting to learn are actually being learned on the Cisco Port-Channels. It does not appear that MAC Track shows information regarding port-channels. Is there something that I need to tweak so that MACtrack understands / includes port channel interfaces with its results ? ( I think that might be part of the problem ). I did find a comment about MAC Track port channels in the post / link below however I'm not sure how to incorporate / use it ( I'm not the best with reading / editing / incorporating new code ).
http://forums.cacti.net/viewtopic.php?t=36804
Thanks in advance if anyone has thoughts / suggestions !
-
- Posts: 11
- Joined: Wed Dec 07, 2016 11:25 am
Re: Add Trunk port for Scanning MACs
I made the changes to the mactrack_cisco.php and mactrack_functions.php files as the link suggested. Removing ( - ) the lines and Adding ( + ) lines as the update script suggested and now I get port channel information back for Catalyst / IOS devices which is great, however I still don't get back Cisco Nexus port-channel information which is the bulk of what I need to get back. Any chance you know what would be different with Cisco Nexus port channels vs Catalyst / IOS port channels with regards to those files ?
-
- Posts: 11
- Joined: Wed Dec 07, 2016 11:25 am
Re: Add Trunk port for Scanning MACs
I think I see the problem.... Per the Patch / Script ( mactrack_cisco_etherchannel.patch ) it looks for matches with : Po# ( preg_match("/^Po\d/" ) , then populates MAC Track results. See the difference between how MACTrack sees the Cat/IOS port channels ( ifName ) VS Nexus port channels via my screenshot. How do I edit the mactrack_cisco.php and mactrack_functions.php files to be able to display BOTH the Cat/IOS port channels ( as it is currently working great ) , but ALSO display the Nexus port channels ? ( Assuming I need an OR in the logic , but don't know enough about the code to write that in ). Follow ?
How the Cat/IOS ifNames are for Port-Channels : ( ifName follows scheme Po## )
mysql> select site_id, device_id, ifIndex, ifName, ifAlias, ifDescr, ifType from mac_track_interfaces where device_id=1 AND ifType=53;
+---------+-----------+---------+-----------+------------------------------------------------+--------------------+--------+
| site_id | device_id | ifIndex | ifName    | ifAlias                                        | ifDescr            | ifType |
+---------+-----------+---------+-----------+------------------------------------------------+--------------------+--------+
|       1 |         1 |     212 | Po11      | Rack 1A-1                                      | Port-channel11     |     53 |
|       1 |         1 |     213 | Po12      | Rack 1A-2                                      | Port-channel12     |     53 |
How the Nexus ifNames are for Port-Channels : ( ifName follows scheme port-channel## )
mysql> select site_id, device_id, ifIndex, ifName, ifAlias, ifDescr, ifType from mac_track_interfaces where device_id=16 AND ifType=53;
+---------+-----------+-----------+------------------+-----------------------------+------------------+--------+
| site_id | device_id | ifIndex   | ifName           | ifAlias                     | ifDescr          | ifType |
+---------+-----------+-----------+------------------+-----------------------------+------------------+--------+
|       6 |        16 | 369098753 | port-channel2    | tor-dc-oob-sw               | port-channel2    |     53 |
|       6 |        16 | 369099752 | port-channel1001 | torinfesx01                 | port-channel1001 |     53 |
- Attachments
-
- MAC Track SQL Query Difference Between Cat IOS and Nexus PortChannel Display for MACs_BOTH-Versions.JPG (116.21 KiB) Viewed 12601 times
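A name check that accepts both port-channel schemes shown in the last post, where the quoted patch pattern /^Po\d/ matches only the Catalyst/IOS form. This is an added example, not mactrack code and not the mactrack_cisco_etherchannel.patch itself; port_channel_id() and list_port_channels() are hypothetical names, and where such a check would sit in mactrack_cisco.php or mactrack_functions.php is not shown in the thread.

```php
<?php
// Added example, not mactrack code. Rows reuse the device_id/ifIndex/ifName/ifType
// values from the two mac_track_interfaces queries in the thread, plus one
// constructed physical port.

/**
 * Port-channel number for an ifName in either scheme, or null if it is not one.
 *   Catalyst/IOS: Po11          Nexus: port-channel1001
 */
function port_channel_id(string $ifName): ?int {
    // Anchored at both ends; digits must directly follow the prefix, so a
    // name like "Pos1/0" or a bare "port-channel" does not match.
    if (preg_match('/^(?:Po|port-channel)(\d+)$/i', trim($ifName), $m)) {
        return (int) $m[1];
    }
    return null;
}

function list_port_channels(array $interfaces): array {
    $found = array();
    foreach ($interfaces as $if) {
        if ((int) $if["ifType"] !== 53) { continue; }   // the thread's queries filter on ifType=53
        $id = port_channel_id($if["ifName"]);
        if ($id !== null) {
            $found[] = array("device_id" => $if["device_id"], "ifIndex" => $if["ifIndex"],
                             "ifName" => $if["ifName"], "channel" => $id);
        }
    }
    return $found;
}

$interfaces = array(
    array("device_id" => 1,  "ifIndex" => 212,       "ifName" => "Po11",             "ifType" => 53),
    array("device_id" => 1,  "ifIndex" => 213,       "ifName" => "Po12",             "ifType" => 53),
    array("device_id" => 16, "ifIndex" => 369098753, "ifName" => "port-channel2",    "ifType" => 53),
    array("device_id" => 16, "ifIndex" => 369099752, "ifName" => "port-channel1001", "ifType" => 53),
    array("device_id" => 16, "ifIndex" => 1,         "ifName" => "Ethernet1/1",      "ifType" => 6), // constructed
);

foreach (list_port_channels($interfaces) as $pc) {
    printf("device %d ifIndex %d %s -> channel %d\n",
        $pc["device_id"], $pc["ifIndex"], $pc["ifName"], $pc["channel"]);
}
```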