Solved: Re: API - LLDP / CDP for every port for every device

Raphael_L · ‎04-05-2019

Hi there ,

I'm currently trying to something to get every switch port configuration and every LLDP / CDP device on every switch port.

The issue I'm looking at , is that I have to do a call for every device we have.

ex:

GET /networks/[networkId]/devices/[serial]/lldp_cdp

and :

GET /devices/[serial]/switchPorts

I have to identify every single AP that is misconfigured ( like an AP seen on access port.

We have over 2500 device so I really need to script that.

Anyone done something similar ?

Thanks a lot.

jdsilva · ‎04-05-2019

Not unless you're using multithreading or some other concurrent processing method. Meraki API calls take 2-5 seconds to return usually. One script running sequentially will never be able to exceed the 5calls/second limit.

http://blog.brokennetwork.ca |

@jdsilva

View solution in original post

jdsilva · ‎04-05-2019

I would probably attack this using the Org Inventory call, and then iterate though those results to get LLDP/CDP and switchport info for every device whose model starts with MS

So something like this in pseudocode:

devices = get /organizations/[id]/inventory

for dev in devices
    if dev[model] starts with "MS"
        cdp-lldp = get /networks/dev[networkId]/devices/dev[serial]/lldp_cdp
        lastport = dev[model[6:] #slice the model number to get number of ports
        for portnumber in range(0 to lastport)
            switchport[portnumber] = get /devices/[serial]/switchPorts/[portnumber]

print cdp-lldp
print switchport

http://blog.brokennetwork.ca |

@jdsilva

Raphael_L · ‎04-05-2019

Thanks for the pseudo code. I'm almost done , but I have one last concern.

Since I will have to retrieve info from over 2500 devices , it looks like I'm going to be bottlenecked by the 5 calls / sec limit , ain't that right ?

- Raphael

jdsilva · ‎04-05-2019

Not unless you're using multithreading or some other concurrent processing method. Meraki API calls take 2-5 seconds to return usually. One script running sequentially will never be able to exceed the 5calls/second limit.

http://blog.brokennetwork.ca |

@jdsilva

Philip D'Ath · ‎04-05-2019

Since I will have to retrieve info from over 2500 devices , it looks like I'm going to be bottlenecked by the 5 calls / sec limit , ain't that right ?

Correct. But even if you only do 1 device a second you'll be done in an hour - so no big deal. Even if it takes 8 hours you can just leave it running over night and you'll have your answers in the morning when you come into work.

Raphael_L · ‎04-06-2019

So I'm done with my script ! I can now identify any device via LLDP that as AP in it's name and identify if it's port is either in access or trunk. If it is in access , it is flagged as misconfigured.

If you guys need it I can share my code ( only have to adapt your key ,orgID, and the output messages ( currently in french )

Last question : I'm looking for the equivalent of :

GET /devices/[serial]/switchPorts

but for MX ( not MS ). I don't see anything. I would like to be able to identify misused ports on MX.

Going to make a wish if this feature is not already there.

Thanks a lot

ryfirth · ‎09-29-2019

Hey @Raphletourn can you share your script? Trying to do something similar.

Raphael_L · ‎10-03-2019

Sure !

Here it is

Spoiler

import json
from meraki import meraki

apikey = "" #YOUR KEY
orgid = "" #YOUR ORG ID

Inventaire = meraki.getorginventory(apikey,orgid)

for switch in Inventaire:
if switch['networkId'] is not None:
lldp = meraki.getlldplldp(apikey, switch['networkId'] , switch['serial'])
try:
for portID in lldp['ports']:
try:
if "AP" in lldp['ports'][portID]['lldp']['systemName']:
#checking if AP is in the lldp info , we named our AP like that
portdetail = meraki.getswitchportdetail(apikey, switch['serial'] , portID)
if portdetail['type'] == "access":
config = "Port {} de la switch {} est mal configuré pour la borne {}.\n".format(portID, switch['name'], lldp['ports'][portID]['lldp']['systemName'] )

f = open("OP_portAP.txt", "a")
f.write(config)
f.close()
except:
erreur = "no ports"
except:
erreur = "no lldp"

import jsonfrom meraki import merakiapikey = "" #YOUR KEYorgid = "" #YOUR ORG IDInventaire = meraki.getorginventory(apikey,orgid)for switch in Inventaire:if switch['networkId'] is not None: lldp = meraki.getlldplldp(apikey, switch['networkId'] , switch['serial'])try:for portID in lldp['ports']:try:if "AP" in lldp['ports'][portID]['lldp']['systemName']:#checking if AP is in the lldp info , we named our AP like thatportdetail = meraki.getswitchportdetail(apikey, switch['serial'] , portID)if portdetail['type'] == "access":config = "Port {} de la switch {} est mal configuré pour la borne {}.\n".format(portID, switch['name'], lldp['ports'][portID]['lldp']['systemName'] )f = open("OP_portAP.txt", "a")f.write(config)f.close()except:erreur = "no ports"except:erreur = "no lldp"

You might want to adjust some parts in the script , but the logic is there,

ryfirth · ‎10-03-2019

Awesome, thanks! Will give that a shot.

Nash · ‎04-05-2019

I've been working on an easy way to pull CDP info, esp since the API seems like the only way to get it out of an MX. My goal was to be able to pick an org, pull its network list, then granularly work network->device category->device (or whole hog) to get specific info.

I'm doing this in Python. I convert the dictionaries into objects using classes, because I find it easier than trying to dig into some of the weirdly formatted JSON.

I don't have anything that's not weirdly broken to share, unfortunately.

Final product is a CSV or xlsx containing:

Org name (if multiple orgs), network name, device name, all switchports (in your use case), all results of CDP/LLDP

Pseudocode:

Pull org list

for org in orgList:

get networkList from org

for network in networkList:

get deviceList from network

for device in DeviceList:

if the first two letters in the device.name == MS:

get switchports

get CDP/LLDP information for that device

do some magic to ensure switchports are correlated to CDP/LLDP info

output switchports and CDP/LLDP info into a CSV or Excel spreadsheet

If all of your APs are Meraki APs, you could instead check device.name == MR, then get CDP/LLDP info off the AP itself.

Windows 10 Client VPN scripts: Makes life better!

Gian Paolo · ‎12-15-2019

Take a look here, you may find some code to build your own solution:

https://developer.cisco.com/codeexchange/github/repo/routetonull/getMerakiNeighbor

guillaumearibaud · ‎02-28-2025

Thanks for the topic
that's solve my mistake to extract Meraki CDP/LLDPinformations to my IPAM Netbox by API