New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
LLDP/CDP #196
Comments
I like this idea. Can you send me a tool/screenshot how this feature looks in other tools? |
LDWin: https://github.com/chall32/LDWin
haneWIN: https://www.hanewin.net/lldp-e.htm
…On Wed, 12 Jun 2019 at 15:42, BornToBeRoot ***@***.***> wrote:
I like this idea. Can you send me a tool/screenshot how this feature looks
in other tools?
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#196?email_source=notifications&email_token=AFTAKFUJT7OXXEMMP6BNKQDP2FGR7A5CNFSM4HXJODO2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODXRSW7Q#issuecomment-501427070>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AFTAKFWICDZP3OQ5EV7E3S3P2FGR7ANCNFSM4HXJODOQ>
.
|
I did a bit of research...
The only disadvantage I see, the captured packages are written to a file... There is no feedback/output as soon as the package arrived. You always have to wait 31 seconds (lldp default is 30 seconds), until the file can be parsed.
It don't know if this libary supports CDP. I also have only devices who send lldp-packages... PacketDotNet usage: https://github.com/chmorgan/packetnet/blob/78d1c7533ee5ecc13ef9354c34e4c0d9c7f1e8b5/Test/PacketType/LldpTest.cs#L203 |
Sounds great. |
Finally i found some time for this feature... the app needs to run as administrator to capture network packets. It don't need any special driver like WinPcap. I found a script doing the capturing with PowerShell and NetEventSession and NetEventPacketCaptureProvider. A modified version of this script is compiled into the application. Would be great if you can test the feature agains your network devices. I have only one switch model with LLDP. The interval for LLDP packages is 30 seconds and for CDP packages 60 seconds. Download: NETworkManager_2020.1.0_Portable_issue-196.zip Source: https://github.com/BornToBeRoot/NETworkManager/tree/issue-196 |
If for some reason the NetEventSession does not end properly (e.g. if you close the application or when it crashes during capturing)... run the following command... PowerShell as admin:
|
Hey, just had a chance to check this out - looks to be working well! HP
1950, UBNT Edgeswitches, and an FS.COM 3900
…On Fri, 3 Jan 2020 at 19:45, BornToBeRoot ***@***.***> wrote:
If for some reason the NetEventSession does not end properly (e.g. if you
close the application or when it crashes during capturing)... run the
following command...
PowerShell as admin:
~# Get-NetEventSession |Stop-NetEventSession | Remove-NetEventSession
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#196?email_source=notifications&email_token=AFTAKFWLBITA6IEWCMSW7JDQ37LZFA5CNFSM4HXJODO2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEICM4QQ#issuecomment-570740290>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AFTAKFTWIS2RNQZLVTMPLNTQ37LZFANCNFSM4HXJODOQ>
.
|
Freature is merged into the master and will be available in the next release. |
Confirm that it also works for me |
Not working for me, but running another tool (https://github.com/chall32/LDWin) works fine. Any thoughts? See image below of results from working tool Thanks |
CDP or LLDP? Currently no error or warnings are displayed... Edit: I use this to capture the packages |
CDP I assume as it is a Cisco Catalyst 2960S-24TS-L switch Okay will try that now and report back |
Results below for powershell script which seems to work okay:- PS C:\WINDOWS\system32> $Packet = Invoke-DiscoveryProtocolCapture -Type cdp Port : GigabitEthernet1/0/12 |
Okay. So it's something with the code to control the script/get the result. Thanks |
Anything at all I can do to test just let me know |
@wingers999 Can you build and test the latest commit 20371fc |
Yes no problem, will get on it tomorrow and report back to you |
@wingers999
This is the only difference to my code. I have no cisco switch... it's hard to reproduce/debug the issue |
Output below is what I get if I don't specify type - lots of errors:-
|
If I specify type I get:-
|
My suggestion would be that if user selects LLDP/CDP then it does a scan for each separately and shows results rather than doing it without the type switch? or just have them separate, but I personally would like to do both together as on some networks you don't know what switches you have until you do a scan |
May be fixed in the next release. |
Test build URL: https://cloud.borntoberoot.net/s/xZtPE6dMa4Sac4i |
Hi, Happy to test, but any chance of a portable build that doesn't require .NET 5 as don't particularly want to install this on my production servers yet |
@wingers999 thanks for trying it. Does it work with (my fork) of the PSDIscoveryProtocol on the clients? https://github.com/BornToBeRoot/PSDiscoveryProtocol I can only test LLDP and currently only on ubiquiti devices (UDM, USW-8 - both work). I assume you have Cisco? What versions are you running on the server?
After some research: The second message "Unable to find a connected wired adapter on ..." is thrown by PSDiscoveryProtocol after executing this command
Maybe you can test this also |
Windows Server 2016 I have both Cisco and HP Running the Get-NetAdapter command in Powershell 7 on the server returns nothing at all, see results below:
Very odd as definitely has a physical network adapter which is working fine... Running PSDiscoveryProtocol on the server also gives me "WARNING: Unable to find a connected wired adapter on xxx1." Running PSDiscoveryProtocol on client gives me "no discovery protocol packets captured" for both LLDP and CDP Running PSDiscoveryProtocol on client but capturing on remote server e.g.
Returns
Happy to do any other testing needed |
This is the function my Tool uses: Did you use the my fork (https://github.com/BornToBeRoot/PSDiscoveryProtocol/) which doesn't require WinRM on the local client? We need to get this to work 😄 |
Yes I downloaded and used your fork |
Just tried again on another computer - client running Windows 10 Command run and output below:-
|
As I say happy to do any testing needed, just tell me what you want run and where |
This is a WinRM error message (which shouldn't be used in this case): I think it's still loading the original module (maybe installed via PSGalery). The commands (in the error message) have a "-CimSession" parameter... I replaced them in the fork with powershell "splatting" and the command should look like this Maybe remove the module first and then load it with:
You could also try if it makes a difference in Windows PowerShell (5) and PowerShell Core 7. If this works, then we can continue testing with the NETworkManager. |
Tried remove but said didn't exist, but then installed your version again as per your reply and re-ran some tests
Running from a Windows 10 Client specifying server I know is connected to Cisco switch - using PowerShell Core 7:
Running from a Windows 10 client just using Invoke-DiscoveryProtocolCapture get several errors with both PS5 and PS7 before it then shows progress bar of capture running for 60 seconds, and then more errors after wards - PS7 results below: Running directly on server using PowerShell 5 - it works:
Running directly on server using Powershell 7 - I get error:
|
I have no idea why it fails on your systems. I try to test it on some different systems and may setup some vms/server to test it. Maybe @lahell has an idea. Do you use virtualisation (if yes which one?). |
Get same results from other Windows 10 clients I have tried as well No I don't use virtualization Anything you want me to try just let me know |
Co-authored-by: BornToBeRoot <BornToBeRoot@users.noreply.github.com>
Running Get-NetEventSession gives me error PS5
PS7
|
@wingers999 and @BornToBeRoot |
Hi @lahell, nothing in the event log, tried on multiple Windows 10 clients, one a clean install from 20H2 master image, the others from an earlier master image based on 1903 and upgraded to 2004 |
I would grab a Windows 10 ISO from Microsoft without any modifications and install on a computer, then test |
Unfortunately not my domain I am testing on, it is a clients, so that is not going to be practical as everything else works with their Windows 10 images, and it was only an offer to help test LLDP/CDP for @BornToBeRoot |
I will close this for now because i cannot reproduce your @wingers999 issue and the initial feature (#196 (comment)) is implemented. Using a clean windows 10 image without GPOs and third party antivirus scanners as @lahell suggested would be a good test. Feel free to open a new issue if you have more informations about this bug. |
There are a few tools that can pull LLDP/CDP information off the wire so you can find out easily what port/device you're plugged into. Would be handy to have this rolled into the toolkit.
The text was updated successfully, but these errors were encountered: