tracemac always NOT FOUND

[robp2175]

python3 natlas-cli.py tracemac -n 10.40.10.1 -m ffff.c538.3203
natlas v0.12.1
Michael Laforest <mjlaforest@gmail.com>
Python 3.6.7

HOP    NODE IP          NODE NAME                  VLAN     PORT          REMOTE NODE IP   REMOTE NODE NAME
---    -------          ---------                  ----     ----          --------------   ----------------
1      10.40.10.1
NOT FOUND

If I run show mac-address | include ffff.c538.3203 on the switch, it is there
ffff.c538.3203 1/1/29 Dynamic 104
Not really sure where to start looking. ANy help would be appreciated.

[MJL85]

It looks like you are not pulling anything for SNMP from that device. Did you set up the SNMP community in the config file?

[robp2175]

Yes, I have and I can snmpwalk the device

[MJL85]

May I ask what switch model and software it's running?

edit: Also try the get-mac-table module to see if you can pull any MACs off the device.

[robp2175]

Sure. I have tested it on two switches. One is a Brocade ICX-7450-48p Not sure of the other but I’ll get back to you. —

[robp2175]

The other switch is a Brocade ICX-7750-48P. I can snmpwalk on both of them no problem

snmpwalk -v 2c -c public 10.40.10.1

[robp2175]

If it helps the first bit of snmpwalk looks like this

SNMPv2-MIB::sysDescr.0 = STRING: Brocade Communications Systems, Inc. ICX7750-48F, IronWare Version 08.0.30tT203 Compiled on Feb 13 2019 at 17:48:25 labeled as SWR08030t
SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.1991.1.3.60.2.1.1.3
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (357847100) 41 days, 10:01:11.00
SNMPv2-MIB::sysContact.0 = STRING:
SNMPv2-MIB::sysName.0 = STRING: MSRV01
SNMPv2-MIB::sysLocation.0 = STRING: Server Room
SNMPv2-MIB::sysServices.0 = INTEGER: 6
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORID.1 = OID: SNMPv2-SMI::zeroDotZero
SNMPv2-MIB::sysORDescr.1 = STRING:
SNMPv2-MIB::sysORUpTime.1 = Timeticks: (0) 0:00:00.00
IF-MIB::ifNumber.0 = INTEGER: 88

and with the actual OIDs

snmpwalk -v 2c -c public 10.40.10.1 -On
.1.3.6.1.2.1.1.1.0 = STRING: Brocade Communications Systems, Inc. ICX7750-48F, IronWare Version 08.0.30tT203 Compiled on Feb 13 2019 at 17:48:25 labeled as SWR08030t
.1.3.6.1.2.1.1.2.0 = OID: .1.3.6.1.4.1.1991.1.3.60.2.1.1.3
.1.3.6.1.2.1.1.3.0 = Timeticks: (357856400) 41 days, 10:02:44.00
.1.3.6.1.2.1.1.4.0 = STRING:
.1.3.6.1.2.1.1.5.0 = STRING: SRV01
.1.3.6.1.2.1.1.6.0 = STRING: Server Room
.1.3.6.1.2.1.1.7.0 = INTEGER: 6
.1.3.6.1.2.1.1.8.0 = Timeticks: (0) 0:00:00.00
.1.3.6.1.2.1.1.9.1.2.1 = OID: .0.0
.1.3.6.1.2.1.1.9.1.3.1 = STRING:
.1.3.6.1.2.1.1.9.1.4.1 = Timeticks: (0) 0:00:00.00
.1.3.6.1.2.1.2.1.0 = INTEGER: 88
.1.3.6.1.2.1.2.2.1.1.1 = INTEGER: 1

[LaurentDumont]

I assume that the neighbor dectection is LLDP based for Brocade switches. It seems to be broken and that might prevent the switch from jumping from your root node and starting the LLDP crawl till it finds the target MAC.

Just a wild guess though.

[robp2175]

Tried the get-mac-table command as suggested. nada

PS C:\Scripts\natlas> python natlas-cli.py get-mac-table -n 10.40.10.1 -c public
natlas v0.12.1
Michael Laforest <mjlaforest@gmail.com>
Python 3.7.2

VLAN        Name

Collecting MACs...

PORT        MAC               VLAN        VLAN_Name
----        ---               ----        ---------

Found 0 VLANs
Found 0 MAC addresses

Completed in 0:0:4.61s

[MJL85]

Could you walk snmp at these two locations?
1.3.6.1.4.1.9.9.46.1.3.1.1.2
1.3.6.1.2.1.17.4.3.1.1
The first one is where the VLANs for that switch are located, and the second should be the CAM table.
Brocade might be using different OID's for either or both.
Presently natlas was developed and tested only for Cisco, since that's really all I have access to. I would be more than happy to try to add support for other vendors but it's tough without being able to test.

[robp2175]

My apologies, it has taken me a bit to get back to this. I can confirm those two OIDs do not exist in a brocade switch. This OID sems to give me a list of all my VLANs
1.3.6.1.2.1.17.7.1.4.2.1.3

This OID gives me all my VLAN names
1.3.6.1.2.1.17.7.1.4.3.1.1

and this seems to be the brocade equivalent of the second OID you listed in brocade. However this OID seems to give me a list of all the MAC addresses on the switch. 1.3.6.1.2.1.17.4.3.1.1

this is an example of the output from an snmpwalk of this oid
.1.3.6.1.2.1.17.4.3.1.1.140.220.212.39.205.150 = STRING: ff:ff:d4:27:cd:96

The below is from the MIB reference document
The dot1dTpFdbTable (OID 1.3.6.1.2.1.17.4.4) in RFC 1493 is used to find dynamically learned MAC addresses. Statically configured
MAC addresses are in the snFdbTable (refer to “Forwarding database static table information” on page 365).

I tried changing these values in snmp.py but I get this now, so clearly this was not correct. Not sure if I am getting closer or farther from the solution.

HOP    NODE IP          NODE NAME                  VLAN     PORT          REMOTE NODE IP   REMOTE NODE NAME
---    -------          ---------                  ----     ----          --------------   ----------------
1      10.40.10.1       [E] get_snmp_bulk(public@1): No SNMP response received before timeout
[E] get_snmp_bulk(public@1): No SNMP response received before timeout
[E] get_snmp_bulk(public@1): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115@116): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115@116): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115@116): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115@116@117): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115@116@117): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115@116@117): No SNMP response received before timeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115@116@117@118): No SNMP response received before timeo
ut
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115@116@117@118): No SNMP response received before timeo
ut
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115@116@117@118): No SNMP response received before timeo
ut
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115@116@117@118@119): No SNMP response received before t
imeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115@116@117@118@119): No SNMP response received before t
imeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115@116@117@118@119): No SNMP response received before t
imeout
[E] get_snmp_bulk(public@1@96@97@100@102@104@110@111@112@113@114@115@116@117@118@119@121): No SNMP response received befo
re timeout