netdisco/lib/App/Netdisco/Manual/Vendors.pod

=head1 NAME

App::Netdisco::Manual::Vendors - Tips and Tricks for Vendor Platforms

=head1 Neighbor Relations on Juniper EX

The LLDP configuration should look like:

 lldp {
   management-address 10.0.0.1;
   port-id-subtype interface-name;
   interface all;
 }

=head1 Neighbor Relations on D-Link

Add the following to your devices (changing the port numbers appropriately):

 config lldp ports 1-28 mgt_addr ipv4 enable

or

 config lldp ports 1-28 mgt_addr ipv4 1.2.3.4 enable

Which you use will depend on the device OS version.

=head1 VRFs and NXOS

Netdsico at this time does not support VRFs. In particular, overlapping IP
address spaces will not be shown in the interface.

However if you're running Cisco NXOS and do not have overlapping IP address
space, then you can use the NXOS SSHCollector profile for that platform.

=head1 Report Cisco as Single Device Instead of Stacked (37xx/29xx/etc)

Add this to your device config:

 no snmp-server sysobjectid type stack-oid

=head1 SNMP Support on Huawei Quidway and CloudEngine

Where C<mycommunity> is your community string. Note C<iso> means I<everything>
is visible to readers!

 snmp-agent mib-view included all iso
 snmp-agent community read cipher mycommunity mib-view all
 snmp-agent packet max-size 17940
 snmp-agent extend error-code enable

=head1 SNMP Support on Linksys and Cisco Linksys

Where C<mycommunity> is your community string. Note this results in I<everything>
being visible to readers!

 snmp-server view test iso included
 snmp-server view test system included      
 snmp-server view test interfaces included
 snmp-server view test ip included
 snmp-server view test icmp included
 snmp-server view test tcp included
 snmp-server view test udp included
 snmp-server view test transmission included
 snmp-server view test snmp included
 snmp-server view test rmon included
 snmp-server view test dot1dBridge included
 snmp-server view test ifMIB included
 snmp-server view test dns included
 snmp-server view test radiusMIB included
 snmp-server view test traceRouteMIB included
 snmp-server view test powerEthernetMIB included
 snmp-server community mycommunity ro view test


=head1 SNMPv3 Support on Cisco IOS

To access per-VLAN MAC address tables we use SNMPv3 contexts. In Cisco IOS
the access control is per-context so for each context (VLAN) you need to permit
access from the poller.

You should already have something like the following to enable SNMPv3 from Netdisco at 192.0.2.1:

 snmp-server view myv3view iso included
 snmp-server group myv3group v3 priv read myv3view
 snmp-server user myv3user myv3group v3 auth md5 PASSWORD priv des PASSWORD
 snmp-server host 192.0.2.1 version 3 auth myv3user

Then set the authorization:

 snmp-server group myv3group v3 auth
 snmp-server group myv3group v3 auth context vlan- match prefix

If the second command above is rejected, you have an older version of IOS and must
enter a statement for each active VLAN on the device:

 snmp-server group myv3group v3 priv context vlan-1
 snmp-server group myv3group v3 priv context vlan-2
 snmp-server group myv3group v3 priv context vlan-3
 ... etc

=head1 Linux SNMP Service (Agent)

Install the C<snmpd> (SNMP agent) and C<lldpd> (neighbor discovery) packages.

Edit the C</etc/snmp/snmpd.conf> file:

 # AGENT BEHAVIOUR
 # comment out: agentAddress udp:127.0.0.1:161
 agentAddress udp:161,udp6:[::1]:161
 
 # ACCESS CONTROL
 rocommunity <your-secret> <management-device-IP/net>
 
 # SYSTEM INFORMATION
 sysServices 76
 # (default is 72, 74 is layer2 bridge/switch, 76 for layer3 router/gateway)

If running a firewall, allow SNMP traffic in on UDP port 161.

Edit the C</etc/default/lldpd> file:

 DAEMON_ARGS="-k -x -l -m <Mgmt-IP>"
 # <Mgmt-IP> is the IP to advertise for Netdisco to connect

Restart C<snmpd> and C<lldpd> services when you have configured them.

This assumes you're using LLDP on your network. If you use CDP then the
C<lldpd> daemon can support that protocol - see the manual page for details.

=cut