SNMP ifType for VLAN and Switch Ports

senthil085 · ‎04-20-2011

Hi,

I use Cisco ASA 5505 where I have eight switch ports (ethernet0/0 to ethernet0/7) and five VLAN's (viz NOC, inside, outside, DMZ1, DMZ2).

How to differentiate Switch ports and VLAN's in ifTable available in RFC1213 MIB. I guess it could be done using .iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifType . Can someone let me know the list of ifType constants that refers VLAN's and Switch ports? I see many being listed in the below link:

http://www.iana.org/assignments/ianaiftype-mib

Thank you

- Senthil -

brquinn · ‎04-22-2011

Senthil,

The snmp output will always be different depending on how your interfaces are configured, but if you do a walk on ifDescr, you can see how they match up based on the last number in the OID string. For example:

snmpwalk -v 2c -c public -On 192.168.2.1 ifDescr
.1.3.6.1.2.1.2.2.1.2.2 = STRING: Adaptive Security Appliance 'Internal-Data0/0'interface
.1.3.6.1.2.1.2.2.1.2.3 = STRING: Adaptive Security Appliance 'Ethernet0/0' interface
.1.3.6.1.2.1.2.2.1.2.4 = STRING: Adaptive Security Appliance 'Ethernet0/1' interface
.1.3.6.1.2.1.2.2.1.2.5 = STRING: Adaptive Security Appliance 'Ethernet0/2' interface
.1.3.6.1.2.1.2.2.1.2.6 = STRING: Adaptive Security Appliance 'Ethernet0/3' interface
.1.3.6.1.2.1.2.2.1.2.7 = STRING: Adaptive Security Appliance 'Ethernet0/4' interface
.1.3.6.1.2.1.2.2.1.2.8 = STRING: Adaptive Security Appliance 'Ethernet0/5' interface
.1.3.6.1.2.1.2.2.1.2.9 = STRING: Adaptive Security Appliance 'Ethernet0/6' interface
.1.3.6.1.2.1.2.2.1.2.10 = STRING: Adaptive Security Appliance 'Ethernet0/7' interface
.1.3.6.1.2.1.2.2.1.2.11 = STRING: Adaptive Security Appliance 'Internal-Data0/1' interface
.1.3.6.1.2.1.2.2.1.2.12 = STRING: Adaptive Security Appliance '_internal_loopback' interface
.1.3.6.1.2.1.2.2.1.2.13 = STRING: Adaptive Security Appliance 'Virtual254' interface
.1.3.6.1.2.1.2.2.1.2.14 = STRING: Adaptive Security Appliance 'inside' interface
.1.3.6.1.2.1.2.2.1.2.15 = STRING: Adaptive Security Appliance 'outside' interface
.1.3.6.1.2.1.2.2.1.2.16 = STRING: Adaptive Security Appliance 'Vlan300' interface
.1.3.6.1.2.1.2.2.1.2.17 = STRING: Adaptive Security Appliance 'labnet' interface

Now when you look at the other IF-MIB outputs, the last number will always match the interface described in this output.

I hope this helps.

Thanks,

Brendan

senthil085 · ‎04-28-2011

Hi Brendan,

I thank you for your response.

We could analyze the outputs of IF-MIB.ifTable or RFC1213.ifTable using ifTable.ifIndex which is the index that you referred (last number in the OID string).

I do SNMP GETBULK operation on OID's ifDesc, ifInOctet and ifOutOctet to plot interface bandwidth graph. I am only interested in analyzing the bandwidth usage of my interfaces. To ignore processing the outputs of switch ports (i.e I want to skip the ifInOctet and ifOutOctet values for Switch ports), should I analyze the interface name that we get in ifDesc?

Thank you

-Senthil-

brquinn · ‎04-28-2011

The ASA will update the interface counters for both the physical switchports and the vlan interfaces. The ifDesc simply shows the mapping so you know which values are relevant.

I hope this helps.

Thanks,

Brendan

senthil085 · ‎04-29-2011

Hi Brendan,

I understand that you want me to map the ifTable.ifIndex with the ifTable.ifDesc.

I am just trying to plot/find the bandwidth usage per interface basis. We have various firewall devices across our branches. So I thought to find out the switch ports from the results and ignore them systematically.

Does all switch port names in Cisco ASA boxes were hardcoded as Ethernet 0/x? Can't we rename it? If this is the case then I would skip all the interfaces whose name looks like Ethernet x/y.

If a systematic solution is not available, then I need to find the indexes of all the VLANs in each of the firewalls in our branches and query only those instances in ifInOctet and ifOutOctet OIDs.

Thank you

- Senthil -