Design report MAC logic.
The CIA switch poller finds all end-user MACs and the switches/VLANs where they are connected.
For each report of MAC, VLAN, switch-name, timestamp:
- find the existing connection
update the switch connection detail for this connection.
- if no existing connection is found, report an error.
#1 Updated by Randy Reitz over 8 years ago
This is a reading from the book of NL_lclcamlist.pm
- Given a switch name and READ_COMMUNITY_STRING:
- NMP/Ping check
Access system.sysUptime as a connectivity check. Abort with "No Ping/ANMP response"
- NMP/Ping check
- Get the interface names
Use IF-MIB:ifPhysAddress to collect interface names and indexes
NOTE: Only interested in VLAN interfaces. May do this daily and saved in NIMI database for reuse by poller.
- Gather CDP Neighbors, mark Interface Index Numbers that have neighbors
- Gather aggregated ports, mark their Interface Index Numbers if their
- physical interfaces have been marked
NOTE: This is preparation for removing MAC addresses for interfaces that connect to neighbor network devices.
We may skip this.
- Get the VLANs (except 1001 thru 1024)
VLANs appear to SNMP as separate switches. For example, a physical switch with 10 VLANS has to be treated
as 10 devices to gather MACs from. Therefore, the list of VLANs on a physical switch can be gathered daily
saved in NIMI database for reuse by poller.
- Gather MACs and Stats in each VLAN
- Each VLAN has a unique set of Bridge Port Numbers
NOTE: This is where the real data is collected.
Walk the BRIDGE-MIB:dot1dTpFdbTable, retrieve the MAC (table index) and status.
Walk the BRIDGE-MIB:dot1dBasePortTable, retrieve the BasePort (table index) and the dot1dBasePortIfIndex.
- Process Discards
The MACs with status = 4 (self) and = 5 (mgmt) can be discarded.
The other discards are derived from the neighbor MAC collected above. This step can likely be skipped.
- Write the switch records
Output: MAC, switch-name, port-name, timestamp, VLAN, status
The switch-name is derived from the PortNames gathered from IF-MIB:ifPhysAddress and indexed by BasePort from BRIDGE-MIB:dot1dBasePortifIndex.
Here is a good explanation of cross-indexed MIBs:
Here is a good explanation of how to get CAM entries out of a switch http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094a9b.shtml