Port VLAN Mismatches report incorrect with Cisco subinterfaces #877

Closed
ollyg opened this issue Jun 10, 2022 Discussed in #773 · 19 comments

@ollyg
Member

ollyg commented Jun 10, 2022

Discussed in #773

Originally posted by fredriksknese February 28, 2021
All my router ports with subinterfaces are showing in report "Port VLAN Mismatches".
Is this an issue anyone else has? Is this expected behavior?

Left Device | Left Port | Left VLANs | Right Device | Right Port | Right VLANs
10.0.0.1 | GigabitEthernet1/1 | n:1 | 10.0.0.2 | GigabitEthernet1/0/1 | n:1, 2, 3, 4, 5, 1002, 1003, 1004, 1005

@ollyg
Member Author

ollyg commented Jul 25, 2022

Hi @fredriksknese can you clarify what you mean by subinterfaces?

Does the normal device port table show that these two ports are neighbors?

@fredriksknese

fredriksknese commented Jul 26, 2022

Hi @fredriksknese can you clarify what you mean by subinterfaces?

It's Cisco's terminology for dot1q encapsulation/tagged interface. I don't work at that company so I cannot check, but I get the same result at my homelab. Continue below for my current configuration and setup.

"Left Device","Left Port","Left VLANs","Right Device","Right Port","Right VLANs"
10.0.100.1,GigabitEthernet8,n:1,10.0.100.6,GigabitEthernet0/10,"n:1, 100, 200, 500, 1002, 1003, 1004, 1005"

Does the normal device port table show that these two ports are neighbors?

Yes. It's a "classic" router on a stick configuration. https://www.networkstraining.com/cisco-router-on-a-stick-with-switch/

GW#sh cdp ne gigabitEthernet 8 detail 
-------------------------
Device ID: Test-SW
Entry address(es): 
  IP address: 10.0.100.6
Platform: cisco WS-C3560CG-8PC-S,  Capabilities: Switch IGMP 
Interface: GigabitEthernet8,  Port ID (outgoing port): GigabitEthernet0/10
Holdtime : 176 sec

Version :
Cisco IOS Software, C3560C Software (C3560c405ex-UNIVERSALK9-M), Version 15.2(2)E10, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2019 by Cisco Systems, Inc.
Compiled Tue 14-May-19 10:28 by prod_rel_team

advertisement version: 2
Protocol Hello:  OUI=0x00000C, Protocol ID=0x0112; payload len=27, value=00000000FFFFFFFF010221FF00000000000024B657B9EB00FF0000
VTP Management Domain: ''
Native VLAN: 1
Duplex: full
Management address(es): 
  IP address: 10.0.100.6


Total cdp entries displayed : 1
Test-SW#sh cdp ne gigabitEthernet 0/10 detail 
-------------------------
Device ID: GW.mgmt.XXX
Entry address(es): 
  IP address: 10.0.100.1
Platform: Cisco C892FSP-K9,  Capabilities: Router Source-Route-Bridge Switch IGMP 
Interface: GigabitEthernet0/10,  Port ID (outgoing port): GigabitEthernet8
Holdtime : 134 sec

Version :
Cisco IOS Software, C800 Software (C800-UNIVERSALK9-M), Version 15.4(3)M3, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2015 by Cisco Systems, Inc.
Compiled Fri 05-Jun-15 16:04 by prod_rel_team

advertisement version: 2
Duplex: full
Management address(es): 
  IP address: 10.0.100.1

Total cdp entries displayed : 1

Config on 10.0.100.1 "GW" router

interface GigabitEthernet8
 description To Test-SW
 no ip address
!
interface GigabitEthernet8.100
 description Management
 encapsulation dot1Q 100
 ip address 10.0.100.1 255.255.255.0
!
interface GigabitEthernet8.200
 description LAB
 encapsulation dot1Q 200
 ip address 10.0.200.1 255.255.255.0
!
interface GigabitEthernet8.500
 description USERS
 encapsulation dot1Q 500
 ip address 192.168.1.1 255.255.255.0
!

Config on 10.0.100.6 "Test-SW"

interface GigabitEthernet0/10
 description To GW
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport nonegotiate
!

@fredriksknese

fredriksknese commented Jul 26, 2022

And the version I'm using

Built using Open Source
Software	Version
App::Netdisco	2.52.8
SNMP::Info	3.84
DB Schema	71
PostgreSQL	12.00.11
Perl		5.34.0

@ollyg
Member Author

ollyg commented Jul 26, 2022

thanks @fredriksknese !

Now, do the subinterfaces show up as interfaces in Netdisco in the device ports view? What "type" (select the sidebar option) is shown for the left and right interfaces of your example, and the subinterfaces if they are listed? Similarly, if these subinterfaces exist, do they have neighbors? (I guess not, as they are not in the report!)

The tricky thing here is that Netdisco doesn't know (probably) that the subinterfaces are attached to the "parent" interface and carrying the VLANs. Perhaps I can work this out indirectly, which is why I ask the above questions.

@fredriksknese

fredriksknese commented Jul 26, 2022

Now, do the subinterfaces show up as interfaces in Netdisco in the device ports view?

Yes they do show up

What "type" (select the sidebar option) is shown for the left and right interfaces of your example, and the subinterfaces if they are listed?

They do show up as "l2vlan"

Similarly, if these sub-interfaces exist, do they have neighbours? (I guess not, as they are not in the report!)

No they don't show as neighbour to the other device

See attached screenshots. (There is a link GW#Gi0 to Test-SW#Gi0/7 which is a valid mismatch)

2022-07-26 222758

2022-07-26 223041

@fredriksknese

"The tricky thing here is that Netdisco doesn't know (probably) that the subinterfaces are attached to the "parent" interface and carrying the VLANs."

Should I see it as an interface with subinterfaces can be seen as it can technically be physical breakout cable?

It's the ethernetCsmacd and l2lan types that create the mismatch?

@ollyg
Member Author

ollyg commented Jul 27, 2022

Hi @fredriksknese thank you again for the updates and replies, very helpful

Are you able to run the following command against the device IP which has the subinterfaces, and send the output:
~/bin/netdisco-do show -d 10.0.100.1 -e v_cvi_if -D

This is (apparently) where for Cisco devices we might be able to discover the relation between the parent and subinterfaces and make more intelligent presentation of the data.

Should I see it as an interface with subinterfaces can be seen as it can technically be physical breakout cable?

Yes, at the moment the device just reports a set of discrete interfaces, and we don't know (apart from the "dot notation" convention in the interface name) that they are subinterfaces. However for something like link aggregation (port channels) we can get extra information to make the connection between parent and member interfaces, and perhaps we can do the same here.

@ollyg
Member Author

ollyg commented Jul 27, 2022

@fredriksknese second note, if the command above is successful (has a table of numbers or whatever) then if this is on your lab box and you're able to share, I'd appreciate a device snapshot to work on the feature support:
https://github.com/netdisco/netdisco/wiki/Snapshot#share-a-snapshot

@ollyg ollyg self-assigned this Jul 28, 2022
@ollyg ollyg changed the title Port VLAN Mismatches with subinterfaces on router Port VLAN Mismatches report incorrect with Cisco subinterfaces Jul 28, 2022
@fredriksknese

10.0.100.1-snapshot.txt
10.0.100.6-snapshot.txt

The .6 timed out. I tried two times

netdisco@lnx2$ tail -f logs/netdisco-backend.log
[247190] 2022-07-31 06:15:37 error snapshot 10.0.100.6 BULKWALK Timeout
[247465] 2022-07-31 06:23:58 error snapshot 10.0.100.6 BULKWALK Timeout

@fredriksknese

netdisco@lnx2:~$ ~/bin/netdisco-do show -d 10.0.100.1 -e v_cvi_if -D
[249945] 2022-07-31 08:44:53  info App::Netdisco version 2.052008 loaded.
[249945] 2022-07-31 08:44:53  info show: [10.0.100.1]/v_cvi_if started at Sun Jul 31 08:44:53 2022
[249945] 2022-07-31 08:44:54 debug show: running with timeout 600s
[249945] 2022-07-31 08:44:54 debug => running workers for phase: check
[249945] 2022-07-31 08:44:54 debug -> run worker check/_base_/0
[249945] 2022-07-31 08:44:54 debug Show is able to run
[249945] 2022-07-31 08:44:54 debug => running workers for phase: main
[249945] 2022-07-31 08:44:54 debug -> run worker main/_base_/100
[249945] 2022-07-31 08:44:54 debug snmp reader cache warm: [10.0.100.1]
[249945] 2022-07-31 08:44:54 debug [10.0.100.1:161] try_connect with ver: 2, class: SNMP::Info::Layer3::CiscoSwitch, comm: <hidden>
{
    1.0     13,
    1.1     1,
    100.1   14,
    200.1   16,
    500.1   17
}
[249945] 2022-07-31 08:44:54  info show: finished at Sun Jul 31 08:44:54 2022
[249945] 2022-07-31 08:44:54  info show: status done: Showed v_cvi_if response from 10.0.100.1
netdisco@lnx2:~$ ~/bin/netdisco-do show -d 10.0.100.6 -e v_cvi_if -D
[249961] 2022-07-31 08:46:07  info App::Netdisco version 2.052008 loaded.
[249961] 2022-07-31 08:46:07  info show: [10.0.100.6]/v_cvi_if started at Sun Jul 31 08:46:07 2022
[249961] 2022-07-31 08:46:07 debug show: running with timeout 600s
[249961] 2022-07-31 08:46:07 debug => running workers for phase: check
[249961] 2022-07-31 08:46:07 debug -> run worker check/_base_/0
[249961] 2022-07-31 08:46:07 debug Show is able to run
[249961] 2022-07-31 08:46:07 debug => running workers for phase: main
[249961] 2022-07-31 08:46:07 debug -> run worker main/_base_/100
[249961] 2022-07-31 08:46:07 debug snmp reader cache warm: [10.0.100.6]
[249961] 2022-07-31 08:46:07 debug [10.0.100.6:161] try_connect with ver: 2, class: SNMP::Info::Layer3::C3550, comm: <hidden>
{
    1.0     1,
    100.0   100
}
[249961] 2022-07-31 08:46:08  info show: finished at Sun Jul 31 08:46:08 2022
[249961] 2022-07-31 08:46:08  info show: status done: Showed v_cvi_if response from 10.0.100.6
netdisco@lnx2:~$ 
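
Added example (not part of the thread and not Netdisco's code): the v_cvi_if table above can be folded into the parent port's VLAN list before the two ends of the link are compared. It assumes each key is `<VLAN id>.<physical ifIndex>`, that physical ifIndex 1 is GigabitEthernet8, and that `n:` marks the native VLAN; all function names are hypothetical.

```python
from collections import defaultdict

# Constructed from the v_cvi_if output for 10.0.100.1 quoted in the thread.
V_CVI_IF_GW = {"1.0": 13, "1.1": 1, "100.1": 14, "200.1": 16, "500.1": 17}


def parse_cvi(table):
    """Return {physical ifIndex: {vlan: routed (sub)interface ifIndex}}.

    Assumption: each key is "<vlan>.<physical ifIndex>"; physical index 0
    means the VLAN interface is not bound to a physical port and is skipped.
    """
    parents = defaultdict(dict)
    for key, sub_ifindex in table.items():
        vlan_s, _, phys_s = key.partition(".")
        if not (vlan_s.isdigit() and phys_s.isdigit()):
            raise ValueError(f"unexpected v_cvi_if key: {key!r}")
        vlan, phys = int(vlan_s), int(phys_s)
        if not 1 <= vlan <= 4094:
            raise ValueError(f"VLAN id out of range in key: {key!r}")
        if phys != 0:
            # The VLAN id comes from the table index, not from the
            # dotted suffix of a name like GigabitEthernet8.100.
            parents[phys][vlan] = int(sub_ifindex)
    return dict(parents)


def parse_report_vlans(cell):
    """Parse a report cell such as 'n:1, 100, 200' into a set of VLAN ids.

    Assumption: the 'n:' prefix marks the native VLAN, which is included.
    """
    vlans = set()
    for token in cell.split(","):
        token = token.strip()
        if token:
            vlans.add(int(token[2:] if token.startswith("n:") else token))
    return vlans


def compare_link(left_cell, right_cell, cvi_table=None, parent_ifindex=None):
    """Diff both ends of a link, optionally folding subinterface VLANs
    of parent_ifindex into the left (router) side first."""
    left = parse_report_vlans(left_cell)
    right = parse_report_vlans(right_cell)
    if cvi_table is not None:
        left |= set(parse_cvi(cvi_table).get(parent_ifindex, {}))
    return {"left_only": sorted(left - right), "right_only": sorted(right - left)}


if __name__ == "__main__":
    # Report row from the thread; ifIndex 1 is assumed to be GigabitEthernet8.
    row = ("n:1", "n:1, 100, 200, 500, 1002, 1003, 1004, 1005")
    print("parent only:", compare_link(*row))
    print("with subifs:", compare_link(*row, V_CVI_IF_GW, 1))
```

With the subinterface VLANs folded in, VLANs 100, 200 and 500 no longer differ between the two ends; only 1002-1005 remain on the switch side.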

@ollyg
Member Author

ollyg commented Aug 1, 2022

Hi @fredriksknese that's great! Thank you. To help me finish the feature, would you be able to configure a second physical interface on 10.0.100.1 with some VLAN subinterfaces? I need this to make sure we interpret the information over SNMP correctly for multiple routed physical interfaces. Take and send over the snapshot as before.

@fredriksknese

The router and switch are now connected on two ports
Test-SW

interface GigabitEthernet0/9
 description To~GW-Port9 
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport nonegotiate
 spanning-tree portfast
!
interface GigabitEthernet0/10
 description To GW
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport nonegotiate
!

GW

interface GigabitEthernet8
 description To Test-SW
 no ip address
 duplex auto
 speed auto
 media-type rj45
!
interface GigabitEthernet8.100
 description Management
 encapsulation dot1Q 100
 ip address 10.0.100.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
!
interface GigabitEthernet8.200
 description LAB
 encapsulation dot1Q 200
 ip address 10.0.200.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
!
interface GigabitEthernet8.500
 description USERS
 encapsulation dot1Q 500
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
!
interface GigabitEthernet9
 no ip address
 duplex auto
 speed auto
!
interface GigabitEthernet9.1
 description WAN
 encapsulation dot1Q 1 native
 ip ddns update DynDNS
 ip address dhcp
 ip nat outside
 ip virtual-reassembly in
!
interface GigabitEthernet9.110
 description Test-SUB-110
 encapsulation dot1Q 110
 ip address 10.110.0.1 255.255.255.0
!
interface GigabitEthernet9.120
 description Test-SUB-120
 encapsulation dot1Q 120
 ip address 10.120.0.1 255.255.255.0
!
interface GigabitEthernet9.150
 description Test-SUB-150
 encapsulation dot1Q 150
 ip address 10.150.0.1 255.255.255.0
!
interface GigabitEthernet9.200
 description Test-SUB-200
 encapsulation dot1Q 200
 ip address 10.200.0.1 255.255.255.0
!

10.0.100.1-snapshot (1).txt

The snapshot feature does not work on the switch. But that will be a separate bug report

@ollyg
Member Author

ollyg commented Aug 1, 2022

Super, thank you @fredriksknese for the quick update

@ollyg
Member Author

ollyg commented Aug 1, 2022

Hello again. Well, the good news is that I'm making progress and can fix this (and have a test patch for your BULKWALK issue as well). The bad news is that I found a mistake in our netdisco-mibs bundle and have released a new version. If possible, can you re-run netdisco-deploy and update the MIBs bundle and take another snapshot of the device? Many thanks.

@ollyg
Member Author

ollyg commented Aug 1, 2022

Sorry, meant to say, and run "netdisco-do loadmibs" again after updating netdisco-mibs and before taking the snapshot.

@fredriksknese

netdisco@lnx2:~$ curl -L https://cpanmin.us/ | perl - --notest --local-lib ~/perl5 App::Netdisco
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  295k  100  295k    0     0   795k      0 --:--:-- --:--:-- --:--:--  796k
--> Working on App::Netdisco
Fetching http://www.cpan.org/authors/id/O/OL/OLIVER/App-Netdisco-2.052011.tar.gz ... OK
Configuring App-Netdisco-2.052011 ... OK
Building App-Netdisco-2.052011 ... OK
Successfully installed App-Netdisco-2.052011 (upgraded from 2.052008)
1 distribution installed
netdisco@lnx2:~$ netdisco-deploy 
[292324] 2022-08-02 12:15:40  info App::Netdisco 2.052011 loaded.
This is the Netdisco 2 deployment script.

Before we continue, the following prerequisites must be in place:
 * Database added to PostgreSQL for Netdisco
 * User added to PostgreSQL with rights to the Netdisco Database
 * "~/environments/deployment.yml" file configured with Database dsn/user/pass
 * A full backup of any existing Netdisco database data
 * Internet access (for OUIs and MIBs)

If you are upgrading Netdisco 2 read the release notes:
https://github.com/netdisco/netdisco/wiki/Release-Notes
There you will find required and incompatible changes
which are not covered by this script.

You will be asked to confirm all changes to your system.

So, is all of the above in place? [y/N]: y

Would you like to deploy the database schema? [y/N]: y
DB schema update complete.
Updating statistics... done.

Download and update vendor MAC prefixes (OUI data)? [y/N]: y
OUI update complete.

Download and update MIB files? [y/N]: y
MIBs update complete.
netdisco@lnx2:~$ netdisco-do loadmibs
[292360] 2022-08-02 12:16:41  info App::Netdisco version 2.052011 loaded.
[292360] 2022-08-02 12:16:41  info loadmibs:  started at Tue Aug  2 12:16:41 2022
[292360] 2022-08-02 12:18:53  info loadmibs: finished at Tue Aug  2 12:18:53 2022
[292360] 2022-08-02 12:18:53  info loadmibs: status done: Loaded MIBs

(Here I used the web interface to update the devices with Discover/Arpnip/Macsuck/NBTstat)

And the snapshots

netdisco@lnx2:~$ netdisco-do snapshot -p yes -d 10.0.100.6
[292702] 2022-08-02 12:37:15  info App::Netdisco version 2.052011 loaded.
[292702] 2022-08-02 12:37:15  info snapshot: [10.0.100.6] started at Tue Aug  2 12:37:15 2022
[292702] 2022-08-02 12:37:44 error snapshot 10.0.100.6 BULKWALK Timeout
[292702] 2022-08-02 12:37:44  info snapshot: finished at Tue Aug  2 12:37:44 2022
[292702] 2022-08-02 12:37:44  info snapshot: status done: Snapshot data captured from 10.0.100.6
netdisco@lnx2:~$ netdisco-do snapshot -p yes -d 10.0.100.1
[292787] 2022-08-02 12:39:59  info App::Netdisco version 2.052011 loaded.
[292787] 2022-08-02 12:39:59  info snapshot: [10.0.100.1] started at Tue Aug  2 12:39:59 2022
Argument "^^" isn't numeric in preincrement (++) at /home/netdisco/perl5/lib/perl5/SNMP/Info.pm line 4910.
[292787] 2022-08-02 12:40:23  info snapshot: finished at Tue Aug  2 12:40:23 2022
[292787] 2022-08-02 12:40:23  info snapshot: status done: Snapshot data captured from 10.0.100.1

10.0.100.6.txt
10.0.100.1.txt

Is this correct?

@ollyg
Member Author

ollyg commented Aug 2, 2022

Looks good! I will test in a few hours, many thanks indeed

@ollyg
Member Author

ollyg commented Aug 2, 2022

Hi @fredriksknese finally, I think I have a working fix (and a few new features and bugs fixed as well along the way).

Please upgrade to 2.053000 when it appears in a couple of hours on mirrors, and remember to netdisco-deploy for the DB schema update. After a rediscover of your devices, I hope you can see the VLAN Mismatch report is better, and the subinterfaces are marked as part of the parent interface in the Device Ports view.

Do let me know how you get on. Many thanks for your patience and help!

@ollyg ollyg closed this as completed Aug 2, 2022
@ollyg
Member Author

ollyg commented Aug 10, 2022

Hi @fredriksknese just an extra bit of news, in case you have any subinterfaces where the configured VLAN is not the same as the interface name dotted-part, we have just addressed a bug affecting this.

An update of SNMP::Info (~/bin/localenv cpanm --notest SNMP::Info) will do the job.
