Vendor Tips

Eric Miller edited this page Apr 18, 2018 · 7 revisions

Neighbor Relations on Juniper EX

The LLDP configuration should look like:

lldp {
  management-address 10.0.0.1;
  port-id-subtype interface-name;
  interface all;
}

Add the following to your devices (changing the port numbers appropriately):

config lldp ports 1-28 mgt_addr ipv4 enable

or

config lldp ports 1-28 mgt_addr ipv4 1.2.3.4 enable

Which you use will depend on the device OS version.

VRFs and NXOS

Netdisco at this time does not support VRFs. In particular, overlapping IP address spaces will not be shown in the interface.

However if you’re running Cisco NXOS and do not have overlapping IP address space, then you can use the NXOS SSHCollector profile for that platform.

Report Cisco as Single Device Instead of Stacked (37xx/29xx/etc)

Add this to your device config:

no snmp-server sysobjectid type stack-oid

SNMP Support on Huawei Quidway and CloudEngine

Where mycommunity is your community string. Note iso means everything is visible to readers!

snmp-agent mib-view included all iso
snmp-agent community read cipher mycommunity mib-view all
snmp-agent packet max-size 17940
snmp-agent extend error-code enable

SNMP Support on Linksys and Cisco Linksys

Where mycommunity is your community string. Note this results in everything being visible to readers!

snmp-server view test iso included
snmp-server view test system included
snmp-server view test interfaces included
snmp-server view test ip included
snmp-server view test icmp included
snmp-server view test tcp included
snmp-server view test udp included
snmp-server view test transmission included
snmp-server view test snmp included
snmp-server view test rmon included
snmp-server view test dot1dBridge included
snmp-server view test ifMIB included
snmp-server view test dns included
snmp-server view test radiusMIB included
snmp-server view test traceRouteMIB included
snmp-server view test powerEthernetMIB included
snmp-server community mycommunity ro view test

SNMPv3 Support on Cisco IOS

To access per-VLAN MAC address tables we use SNMPv3 contexts. In Cisco IOS the access control is per-context so for each context (VLAN) you need to permit access from the poller.

You should already have something like the following to enable SNMPv3 from Netdisco at 192.0.2.1:

snmp-server view myv3view iso included
snmp-server group myv3group v3 priv read myv3view
snmp-server user myv3user myv3group v3 auth md5 PASSWORD priv des PASSWORD
snmp-server host 192.0.2.1 version 3 auth myv3user

Then set the authorization:

snmp-server group myv3group v3 auth
snmp-server group myv3group v3 auth context vlan- match prefix

If the second command above is rejected, you have an older version of IOS and must enter a statement for each active VLAN on the device:

snmp-server group myv3group v3 priv context vlan-1
snmp-server group myv3group v3 priv context vlan-2
snmp-server group myv3group v3 priv context vlan-3
... etc

Linux SNMP Service (Agent)

Install the snmpd (SNMP agent) and lldpd (neighbor discovery) packages.

Edit the /etc/snmp/snmpd.conf file:

# AGENT BEHAVIOUR
# comment out: agentAddress udp:127.0.0.1:161
agentAddress udp:161,udp6:[::1]:161
# ACCESS CONTROL
rocommunity <your-secret> <management-device-IP/net>
# SYSTEM INFORMATION
sysServices 76
# (default is 72, 74 is layer2 bridge/switch, 76 for layer3 router/gateway)

If running a firewall, allow SNMP traffic in on UDP port 161.

Edit the /etc/default/lldpd file:

DAEMON_ARGS="-k -x -l -m <Mgmt-IP>"
# <Mgmt-IP> is the IP to advertise for Netdisco to connect

Restart snmpd and lldpd services when you have configured them.

This assumes you’re using LLDP on your network. If you use CDP then the lldpd daemon can support that protocol - see the manual page for details.

You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.