Discovering your network with Netdisco

5685

Author: Walter Gould

Four years ago, Max Baker at the University of California, Santa Cruz, needed an easy-to-use tool that would assist in managing switch ports, show port usage and history, track inventory, and help with network debugging. Baker began developing what has become Netdisco, an awesome open source network discovery tool.

Netdisco is built on open source packages such as Perl, various Perl modules, Net-SNMP, PostgreSQL, Mason, Apache, and mod_perl. One of its key components is the SNMP::Info Perl module, which Baker also wrote. See the project’s requirements page for other modules Netdisco requires to run properly.

Installing Netdisco is not a trivial task. Even for the most seasoned Unix/Linux admin, a manual install can take a number of hours to complete. If you don’t want to attempt a manual installation, you can find install scripts for various Linux distributions on the Netdisco mailing list. Netdisco is also included in the NetBSD package system pkgsrc.

After Netdisco is installed and configured, it must discover your network. Netdisco uses discovery protocols such as Cisco Discovery Protocol (CDP), Foundry Discovery Protocol (FDP), and Synoptics/Bay/Nortel Network Management Protocol (SONMP) to provide automatic discovery of your network topology. In the past months developers have discussed adding support for the IEEE-standard 802.lAB Link Layer Discovery Protocol (LLDP). To start the discovery process at your network’s centermost device (which you must specify), run $netdisco_home/netdisco -r center_device.

Netdisco next begins gathering port information from the switches and routers via SNMP. To obtain the MAC addresses connected to each port, run $netdisco_home/netdisco -m. Finally, the program can tap every layer-3 device and get its ARP cache with the command $netdisco_home/netdisco -a. Each entry in the ARP cache maps a MAC address to an IP address.

As Netdisco runs each of the above three processes, it collects the data it gathers in the PostgreSQL database. If you followed the
installation document, you should have copied the contents of the netdisco.crontab file (which include the above three commands) into root’s crontab. You may need to tweak these to be run as often as you need on your individual network.

At this point, you will have a database full of useful data. You can log in to the Netdisco Web front end to access it (you can try out a demo here). The most useful menu items on the Web interface are the device search, device inventory, node search, duplex mismatch finder, and the administration panel links.

Device search lets you search for a device by its IP address, location, description, DNS name, vendor name, switch or router model, and OS version.

The device inventory link summarizes the network devices Netdisco has found. It categorizes and lists them by vendor, model, and the total number of each. It also categorizes them by the OS (Catalyst or IOS) and version numbers. If you are interested in knowing more on any particular model (say a Cisco 3750), click that link to display a page that shows all Cisco 3750s in the database. If you want to drill down further and find out what device is connected to a particular switch port, click the switch hyperlink and then click “show all ports.” It is as easy as that. The device inventory functionality has made it a lot easier for us to track our switch and router inventory here.

If you need to find an end user’s machine but do not know what switch or port they are connected to, you can use the node search menu link. Enter the user’s MAC or IP address, NetBIOS name, or DNS hostname in the node search box and press Enter. If your search information is in the database, Netdisco will show you the switch IP address and port it is connected to. If you have admin control, you can disable that user’s switch port from within the Web interface (as long as Netdisco is configured with an SNMP write string). In addition, on the node search page, you can search for possible wireless access points and for nodes with multiple active IP addresses.

The duplex mismatch finder link is useful for just that. It displays devices and ports on your network that have a duplex mismatch — very useful troubleshooting information. The administration panel allows device control (to manually discover and delete devices), user control (to add and delete users, change passwords, and give users admin control), and maintenance, such a database cleanups. It contains a log of all users who have logged in, with date, time, and originating IP address. The administration panel link is displayed only for users with admin control.

At Auburn University, we have been using Netdisco for about two years. The first time we installed it, it took us about a day. Installing new versions since then have taken less time as we have become more familiar with the process. Currently, our Netdisco application has about 1,070 network devices stored in the PostgreSQL database, which we update daily. The hardware requirements for running it are fairly meager; our server is a five-year-old Dell PowerEdge with dual 1GHz processors, 1GB of RAM, and 70GB worth of RAID drive space.

Netdisco’s current non-CVS version 0.94 was released in December 2004. There have been talks since the first of this year of 0.95 being released soon.

The Netdisco project has an active user community comprising universities, corporations, and individuals. The project recently attracted a few new developers to assist in continuing the development. Overall, the long-term outlook for the project’s longevity looks positive.

I would urge anyone who is looking for a tool to help manage their network devices, and who doesn’t want to spend a bundle doing it, to give Netdisco a try. Even if you have a bundle to spend, I would still suggest you try Netdisco first.