Network Switch ip to port mapping using neo

Open Source Network Administration gives some introduction to this network tool called neo. Latest version can be found ktools.org
(http://www.ktools.org/dist/neo/neo-1.3.1.tar.gz)

There is one catch while you compile & install in Ubuntu since the object_statstransfer.c , object_sleeper.c uses CLK_TCK i think CLK_TCK obsolete we have to use CLOCKS_PER_SEC instead. But i just defined as followed in the both files.

/* Define my constant */
#define CLK_TCK 100

Installation process :
1 ) gunzip -c neo-1.3.1.tar.gz | tar xvf -
2 ) cd neo-1.3.1
3 ) ./configure
4 ) Do the relevant changes as explained earlier in the both source files.
5 ) make
6 ) make install

neo has its own command line. But basic things you need to get ip to port map two command arpfind , locate .

Before doing that you can define the switches & the core router in one file. (router needed to find the ip to arp resolution)
example /var/neo/switches

192.168.1.10
192.168.1.11

if you want to find the relevant ip to arp mapping you could issue the command as
neo -c "community string" arpfind @f:/var/neo/switches
This will give u the arp address ,
then you can issue the location command to locate the port number.


neo -c "community string" locate @f:/var/neo/switches

I've combined both into one perl script. I haven't use the community string here since i complied the default community as relevant string. You can change the community string while compiling (
object_global.c 


  g->argv0=NULL;
  g->readcom=strdup("public");
  g->writecom=strdup("public");
  neo_global_set_burst(g, 1);



#!/usr/bin/perl
#Arp to IP Mapper Argument as host
$arg = $ARGV[0];

#To save the actual arp
$real_arp = "";
#Identify the arp of the host
@arp = `neo arpfind $arg \@f:/root/gobi/neo-1.3.1/switches`;
foreach (@arp)
{
 if ($_ =~ /says/)
 {
 $real_arp = substr($_,-18);
 last ;
 }
}
chomp($real_arp);
@port = `neo locate -u $real_arp \@f:/root/gobi/neo-1.3.1/switches`;

foreach(@port)
{
print $_;
}

root@--:~/gobi# ./run.pl 192.168.29.2
Found on 6@192.168.0.200
Found on 10@192.168.0.204

I'm doing some reverse mapping also using simple snmp queries like
@ip2arp_tbl = `snmpwalk -c "public" -v 2c 192.168.0.99 "ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaPhysAddress"`; I'll give that in a different post if successful .

Comments

Emmanuel Arul Gobinath said…
Neo having some issue with Port Numbering. I don't know the actual reason. I'll dig if i've time on it. :)
October 13, 2009 at 11:41 PM
Post a Comment

Popular posts from this blog

PPTP Server as Cisco for Mikrotik Client

Image
Following configuration explains the Cisco as PPTP server and connecting two sites: Following Configuration needed to enable the VPDN and default server: vpdn enable ! vpdn-group Mtik ! Default PPTP VPDN group accept-dialin protocol pptp virtual-template 1 interface Virtual-Template1 ip unnumbered Loopback0 peer default ip address pool IPPOOL1 ppp encrypt mppe auto required ppp authentication ms-chap-v2 ms-chap pap ip local pool IPPOOL1 192.168.150.10 192.168.150.224 Few more additional things we need to keep the same ip address for the user: aaa new-model ! ! aaa authentication ppp default local aaa authorization network default local ! aaa attribute list Gobi attribute type addr 192.168.150.13 service ppp protocol ip mandatory attribute type route "10.0.0.0 255.255.255.0 192.168.150.13" attribute type interface-config "description Gobi-test" Finally apply the attribute list to the user: username gobi password 0 test username gobi aaa attri...
Read more

l2tpv3 configuration reference

Image
Reference Comparing , Designing and Deploying VPNs chap - 02 : L2TPv3 is the enhanced version of L2TPv2 protocol. Mikrotik uses L2TPv2 i suppose but it offer another similar tunneling mechanism as EOIP. L2TPv3 in cisco provides Pseudo-wire services to the customer. L2TPv3 only require the IP connectivity between peers but it can transport Ethernet, 802.1Q , HDLC, PPP framerelay etc. Advantage over MPLS is the customer having the full control of their routing domain. L2TP depolyment methods having 3 topologies LAC - LNS , LNS - LNS , LAC - LAC Following Diagram explain simple LAC - LAC L2TPv3 setup. It uses two types of messages: control connection messages - used for signaling between LCEs session data messages - Used to transport layer 2 protocols and connections Data channel Message Header having Session ID & cookie to correctly associate with the tunnel Deploying dynamic Pseudowires session 1) configure CEF - Its default in IOSs now. 2) configure a loopback in...
Read more

proxy arp

Image
In the above diagram , both hosts don't have default routes. But both are in the same /16 subnet. When host1 tries to ping host2 will it be able to ping ? Yes this behaviour due to the Proxy Arp feature. Note: Cisco by default enabled the proxy arp feature you have to disable it manually . Check the following Debug messages "debug arp" from the router. When the Arp request for 192.168.20.101 received on the router Fa0/1 it replies with its own mac address of fa0/1. (c200.03fc.0001)and vice versa *Mar 1 00:11:43.071: IP ARP: rcvd req src 192.168.12.154 00aa.00f4.6800, dst 192.168.20.101 FastEthernet0/1 *Mar 1 00:11:43.075: IP ARP: sent rep src 192.168.20.101 c200.03fc.0001,dst 192.168.12.154 00aa.00f4.6800 FastEthernet0/1 *Mar 1 00:13:13.067: IP ARP: rcvd req src 192.168.20.101 00aa.0041.1d00, dst 192.168.12.154 FastEthernet0/0 *Mar 1 00:13:13.067: IP ARP: sent rep src 192.168.12.154 c200.03fc.0000, dst 192.168.20.101 00aa.0041.1d00 FastEther...
Read more