111 lines
3.3 KiB
Plaintext
111 lines
3.3 KiB
Plaintext
=head1 NAME
|
|
|
|
App::Netdisco::Manual::Vendors - Tips and Tricks for Vendor Platforms
|
|
|
|
=head1 Neighbor Relations on Juniper EX
|
|
|
|
The LLDP configuration should look like:
|
|
|
|
lldp {
|
|
management-address 10.0.0.1;
|
|
port-id-subtype interface-name;
|
|
interface all;
|
|
}
|
|
|
|
=head1 Report Cisco 37xx as Single Device Instead of Stacked
|
|
|
|
Add this to your 37xx config:
|
|
|
|
no snmp-server sysobjectid type stack-oid
|
|
|
|
=head1 SNMP Support on Huawei Quidway and CloudEngine
|
|
|
|
Where C<mycommunity> is your community string. Note C<iso> means I<everything>
|
|
is visible to readers!
|
|
|
|
snmp-agent mib-view included all iso
|
|
snmp-agent community read cipher mycommunity mib-view all
|
|
snmp-agent packet max-size 17940
|
|
snmp-agent extend error-code enable
|
|
|
|
=head1 SNMP Support on Linksys and Cisco Linksys
|
|
|
|
Where C<mycommunity> is your community string. Note this results in I<everything>
|
|
being visible to readers!
|
|
|
|
snmp-server view test iso included
|
|
snmp-server view test system included
|
|
snmp-server view test interfaces included
|
|
snmp-server view test ip included
|
|
snmp-server view test icmp included
|
|
snmp-server view test tcp included
|
|
snmp-server view test udp included
|
|
snmp-server view test transmission included
|
|
snmp-server view test snmp included
|
|
snmp-server view test rmon included
|
|
snmp-server view test dot1dBridge included
|
|
snmp-server view test ifMIB included
|
|
snmp-server view test dns included
|
|
snmp-server view test radiusMIB included
|
|
snmp-server view test traceRouteMIB included
|
|
snmp-server view test powerEthernetMIB included
|
|
snmp-server community mycommunity ro view test
|
|
|
|
|
|
=head1 SNMPv3 Support on Cisco IOS
|
|
|
|
To access per-VLAN MAC address tables we use SNMPv3 contexts. In Cisco IOS
|
|
the access control is per-context so for each context (VLAN) you need to permit
|
|
access from the poller.
|
|
|
|
You should already have something like the following to enable SNMPv3 from Netdisco at 192.0.2.1:
|
|
|
|
snmp-server view myv3view iso included
|
|
snmp-server group myv3group v3 priv read myv3view
|
|
snmp-server user myv3user myv3group v3 auth md5 PASSWORD priv des PASSWORD
|
|
snmp-server host 192.0.2.1 version 3 auth myv3user
|
|
|
|
Then set the authorization:
|
|
|
|
snmp-server group myv3group v3 auth
|
|
snmp-server group myv3group v3 auth context vlan- match prefix
|
|
|
|
If the second command above is rejected, you have an older version of IOS and must
|
|
enter a statement for each active VLAN on the device:
|
|
|
|
snmp-server group myv3group v3 priv context vlan-1
|
|
snmp-server group myv3group v3 priv context vlan-2
|
|
snmp-server group myv3group v3 priv context vlan-3
|
|
... etc
|
|
|
|
=head1 Linux SNMP Service (Agent)
|
|
|
|
Install the C<snmpd> (SNMP agent) and C<lldpd> (neighbor discovery) packages.
|
|
|
|
Edit the C</etc/snmp/snmpd.conf> file:
|
|
|
|
# AGENT BEHAVIOUR
|
|
# comment out: agentAddress udp:127.0.0.1:161
|
|
agentAddress udp:161,udp6:[::1]:161
|
|
|
|
# ACCESS CONTROL
|
|
rocommunity <your-secret> <management-device-IP/net>
|
|
|
|
# SYSTEM INFORMATION
|
|
sysServices 76
|
|
# (default is 72, 74 is layer2 bridge/switch, 76 for layer3 router/gateway)
|
|
|
|
If running a firewall, allow SNMP traffic in on UDP port 161.
|
|
|
|
Edit the C</etc/default/lldpd> file:
|
|
|
|
DAEMON_ARGS="-k -x -l -m <Mgmt-IP>"
|
|
# <Mgmt-IP> is the IP to advertise for Netdisco to connect
|
|
|
|
Restart C<snmpd> and C<lldpd> services when you have configured them.
|
|
|
|
This assumes you're using LLDP on your network. If you use CDP then the
|
|
C<lldpd> daemon can support that protocol - see the manual page for details.
|
|
|
|
=cut
|