SNMP - Getting MAC, VLAN & Port info (cam dynamic) on 4500 -> Troubles!

patpee_NL
Level 1

Hi everybody!

I want to get the 'show cam dynamic' info from a 4506 switch with CatOS 8.1. I've studied the info on this page thoroughly but I'm stuck:

http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a00801c9199.shtml

So I made a script that has to check every 5 minutes for the necessary info.

This is it, I've made comments to make it clear for everybody:

================================================

<?php

//Get the VLANs of all the interfaces
$VLANs = snmpwalk("10.1.17.4", "public",".1.3.6.1.4.1.9.9.68.1.2.2.1.2");

//Make the array unique, so every VLAN is in it just once.
@$VLANs = array_unique($VLANs);
@sort($VLANs);
@reset($VLANs);

//For every VLAN...
for ($i = 0; $i <= count($VLANs)-1; $i++) {

    //Get the MAC addresses and BridgePorts of that VLAN.
    @$MACadresses = snmpwalk("10.1.17.4", "public@$VLANs[$i]",".1.3.6.1.2.1.17.4.3.1.1");
    @$BridgePort = snmpwalk("10.1.17.4", "public@$VLANs[$i]", ".1.3.6.1.2.1.17.4.3.1.2");

    //For every MAC address...
    for ($j = 0; $j <= count($MACadresses)-1;$j++){

        // Get the LocalPort which belongs to the BridgePort
        @$LocalPort[$j] = snmpget("10.1.17.4", "public@$VLANs[$i]", ".1.3.6.1.2.1.17.1.4.1.2.$BridgePort[$j]");

        // Then get the PortName, which belongs to the LocalPort.
        @$PortName[$j] = snmpget("10.1.17.4", "public", ".1.3.6.1.2.1.31.1.1.1.1.$LocalPort[$j]");

        //Show everything.
        echo "VLAN: $VLANs[$i] - MAC:";
        echo $MACadresses[$j];
        echo " - Bridge: ";
        echo $BridgePort[$j];
        echo " - LocalPort: ";
        echo $LocalPort[$j];
        echo " - PortName: ";
        echo $PortName[$j];
        echo "\n";
    }

    //If everything is all right then these two numbers should be the same.
    echo "Total MAC-adresses: ";
    echo count($MACadresses);
    echo "\nTotal BridgePorts: ";
    echo count($BridgePort);
    echo "\n";
}

?>

==========================================

It does its job if run once. But if it's run two times (in parallel, each instance from its own BASH shell) then some output is screwed. Some ports (randomly) aren't shown in one instance, but are shown in the other. It looks like the array is shared and the variables are mixed up.

I want to solve this because it should be possible for someone to manually scan the network and the output has to be correct.

The second issue is speed: if I run this script on a switch with a lot of VLANs and devices connected, it takes about a minute. Is there a way to shorten this time?

I'm using SuSE 8.0 BTW on a P3 600 MHz, 128 MB RAM. This system isn't the bottleneck; when I run four or five scripts simultaneously, CPU time is about 9%.

7 Replies

patpee_NL
Level 1

Can someone please tell me if there isn't a faster way to check for the 'show cam dynamic' info?

Because now it first checks the VLANs, then the MAC addresses and bridge ports for each VLAN, then for each bridge port the local port and port name are retrieved.

I've tested response times and it appears that the (unique) VLANs are shown in about 2 seconds. All the MAC addresses per VLAN are then shown in about 25 seconds, the bridge port info in 45 seconds and the rest is shown in about 50 seconds.

I use Perl scripting to get this kind of data, and one of the most useful tools I've found is the Net::Telnet::Cisco module (http://nettelnetcisco.sourceforge.net/).

It's fairly simple to have it telnet to a switch, issue a "set length 0" command, then a "sh cam dyn".

You can then take the output array and parse it however you want.

As for execution time, it produces output as fast as you see it from a telnet session.

Thanks for the answer, however I don't have any experience with Perl... I like the Telnet idea (I know it's also possible without Perl), but I'm pretty sure there has to be a way to make it faster using SNMP.

In my opinion, this command ('show cam dynamic') is pretty important for large networks. For this reason, there should be an easy and fast SNMP solution. Or is my thinking very wrong?

There is a table in the Bridge MIB (MIB II):

.1.3.6.1.2.1.17.4.3

"A table that contains information about unicast entries for which the bridge has forwarding and/or filtering information. This information is used by the transparent bridging function in determining how to propagate a received frame."

Its entries are MAC-Port-Status ...

Dave

You probably didn't read my start post very well... Just check which SNMP strings I've used.

Indeed, .1.3.6.1.2.1.17.4.3.1.1 and .1.3.6.1.2.1.17.4.3.1.2. Just the strings you told me here. I know what they do, the problem is that gathering all the information just takes too long.

I would like to know if these SNMP commands work in a VLAN environment. I was using these tables before creating VLANs. Now, as I am no longer using VLAN 1, these SNMP commands (dot1dTPFdbTable for MAC addr, Ports) are no longer available for other VLANs ...

I am now obliged to use NET:Telnet Perl in our Perl scripts... Did anyone notice this feature?

(My switches are Catalyst 3524 and 2950.)

You have probably already checked this, but is your SNMPwalk function using SNMPv2 or SNMPv1? Using SNMPv2 should give you faster results when walking a large table (due to the getbulk function).
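
An added example, not part of any post in this thread: the script in the opening post pairs two separate walks by array position and issues two snmpget calls per MAC address. Since dot1dTpFdbPort is indexed by the MAC address itself, one walk of that column plus one walk each of dot1dBasePortIfIndex and ifName can be joined by OID index instead. It assumes PHP 7.4+, walk results in the OID => value shape that snmprealwalk() returns with quick-print values, and constructed sample data; by_index and join_fdb are hypothetical helper names.

```php
<?php
// Added example (not from the thread). Inputs use the OID => value shape that
// snmprealwalk() returns, with quick-print values (no "INTEGER: " prefix).
const FDB_PORT   = '.1.3.6.1.2.1.17.4.3.1.2'; // dot1dTpFdbPort, indexed by MAC
const BASE_IFIDX = '.1.3.6.1.2.1.17.1.4.1.2'; // dot1dBasePortIfIndex, by bridge port
const IF_NAME    = '.1.3.6.1.2.1.31.1.1.1.1'; // ifName, indexed by ifIndex

// Re-key one walked column by its instance suffix (hypothetical helper).
function by_index(array $walk, string $base): array {
    $out = [];
    $prefix = $base . '.';
    foreach ($walk as $oid => $value) {
        $oid = '.' . ltrim((string)$oid, '.');
        if (strncmp($oid, $prefix, strlen($prefix)) === 0) {
            $out[substr($oid, strlen($prefix))] = trim((string)$value);
        }
    }
    return $out;
}

// Join the three columns for one VLAN by index, never by array position.
function join_fdb(int $vlan, array $fdbWalk, array $baseWalk, array $nameWalk): array {
    $ifIndexOf = by_index($baseWalk, BASE_IFIDX);
    $nameOf    = by_index($nameWalk, IF_NAME);
    $rows = [];
    foreach (by_index($fdbWalk, FDB_PORT) as $idx => $bridgePort) {
        $octets = explode('.', (string)$idx);
        if (count($octets) !== 6) continue;         // index is not a 6-octet MAC
        $mac = implode(':', array_map(fn($o) => sprintf('%02x', (int)$o), $octets));
        $ifIndex = $ifIndexOf[$bridgePort] ?? null; // bridge port 0: port not learned
        $rows[] = ['vlan' => $vlan, 'mac' => $mac, 'bridgePort' => (int)$bridgePort,
                   'ifIndex' => $ifIndex,
                   'ifName'  => $ifIndex === null ? null : ($nameOf[$ifIndex] ?? null)];
    }
    return $rows;
}

// Constructed sample walks for VLAN 10 (not taken from a real switch).
$fdb  = ['.1.3.6.1.2.1.17.4.3.1.2.0.16.123.10.11.12' => '65',
         '.1.3.6.1.2.1.17.4.3.1.2.0.208.88.1.2.3'    => '66',
         '.1.3.6.1.2.1.17.4.3.1.2.0.4.154.9.9.9'     => '0'];
$base = ['.1.3.6.1.2.1.17.1.4.1.2.65' => '12', '.1.3.6.1.2.1.17.1.4.1.2.66' => '13'];
$name = ['.1.3.6.1.2.1.31.1.1.1.1.12' => '2/1', '.1.3.6.1.2.1.31.1.1.1.1.13' => '2/2'];

foreach (join_fdb(10, $fdb, $base, $name) as $r) {
    printf("VLAN %d  %s  bridgePort %d  ifIndex %s  ifName %s\n", $r['vlan'], $r['mac'],
           $r['bridgePort'], $r['ifIndex'] ?? '-', $r['ifName'] ?? '(unresolved)');
}
```

Against a live switch, the first two columns would be walked with the per-VLAN community used in the opening post's script and ifName once with the plain community, so each VLAN costs two walks rather than two requests per MAC address.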