Network Discovery methodology?

Spooster IT Services · ‎12-12-2019

Hi Experts,

I am working on a project that requires understanding of the existing network toplogy from routing, switching, and traffic flow prospective. Is there a network discovery methodology you would suggest?

Example: Start at one end, check routing table, identify next hops, login to next hops and repeat.

I know there are tools out there but they are not 100% reliable as there could be things in the network blocking the automated discovery.

Spooster IT Services Team

yunusemredemirbas · ‎12-12-2019

yunusemredemirbas · ‎12-12-2019

Hi. I had to discover network devices(only port connections). I solved this problem with cisco's cdp command. I sharing python script with you. You should edit code by yourself.

(I used database for switch informations)

import paramiko
import pymysql as sql
import time

def insert_data(source_ip_address, device_id, neighbor_ip_address, platform, neighbor_interface, router, trans_bridge, source_router_bridge,switch, host, igmp, repeater, voip_phone, remotely_managed_device, supports_stp_dispute, two_port_mac_relay, self_interface,  version_software, version_release, version_release_software, native_vlan, duplex, management_ip_address ):
    sorgu="insert into topoloji.switchs values (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s )"
    cursor.execute(sorgu, (None, source_ip_address, device_id, neighbor_ip_address, platform, neighbor_interface, router, trans_bridge, source_router_bridge,switch, host, igmp, repeater, voip_phone, remotely_managed_device, supports_stp_dispute, two_port_mac_relay, self_interface,  version_software, version_release, version_release_software, native_vlan, duplex, management_ip_address ))
    connection.commit()


connection=sql.connect(host="localhost", user="root", password="toor", db="topoloji")
cursor=connection.cursor()

cursor.execute("select * from switchs_password")
switchs=cursor.fetchall()

for switch in switchs:
    ip=switch[2]
    username=switch[3]
    password=switch[4]
    port=22


    ssh = paramiko.SSHClient()
    ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    ssh.connect(ip, port, username, password)





    cmd = "show cdp neighbors detail" # istenilen komutlar buraya yazilacak
    stdin, stdout, stderr = ssh.exec_command(cmd)
    outlines =str(stdout.readlines()).replace("',", "")
    outlines=outlines.replace("'","")
    outlines=outlines.split("\\r\\n")

    liste=[]

    for i in range(len(outlines)):
        if outlines[i] is not None and outlines[i] != "":
            liste.append(list(str(outlines[i]).split())) #bu komut satırları liste elemanı yapıyor. Bu sayede satır içerindeki kelimelere erişebiliyoruz.


    source_ip_address=ip

    device_id = ""
    neighbor_ip_address = ""
    platform = ""
    self_interface = ""
    neighbor_interface = ""
    version_software = ""
    version_release = ""
    version_release_software = ""
    native_vlan = ""
    management_ip_address = ""
    duplex = ""
    router = 0
    trans_bridge = 0
    source_router_bridge = 0
    switch = 0
    host = 0
    igmp = 0
    repeater = 0
    voip_phone = 0
    remotely_managed_device = 0
    supports_stp_dispute = 0
    two_port_mac_relay = 0




    for i in  range(len(liste)):

        if len(liste[i]) != 0:
            if liste[i][0] == "Device" : #bu satirda her yeni cihazda degisken degerlerini sifirlayacak
                if device_id != "": #device bos ise veri kaydetmeden geciyor

                    insert_data(source_ip_address, device_id, neighbor_ip_address, platform, neighbor_interface, router, trans_bridge, source_router_bridge,switch, host, igmp, repeater, voip_phone, remotely_managed_device, supports_stp_dispute, two_port_mac_relay, self_interface, version_software, version_release, version_release_software, native_vlan, duplex, management_ip_address )



                device_id = ""
                neighbor_ip_address = ""
                platform = ""
                self_interface = ""
                neighbor_interface = ""
                version_software = ""
                version_release = ""
                version_release_software = ""
                native_vlan = ""
                management_ip_address = ""
                duplex=""
                router = 0
                trans_bridge = 0
                source_router_bridge = 0
                switch = 0
                host = 0
                igmp = 0
                repeater = 0
                voip_phone = 0
                remotely_managed_device = 0
                supports_stp_dispute = 0
                two_port_mac_relay = 0


            if liste[i][0] == "Device":
                try:
                    device_id = liste[i][2]
                except IndexError:
                    print(ip + " ip adresine sahip switchin " + neighbor_ip_address + " ip adresine sahip komşusunun " + liste[i][0] + " adli verisi okunamamistir")
                #print(device_id)

            elif liste[i][0] == "Entry":
                try:
                    neighbor_ip_address = liste[i + 1][2]
                except IndexError:
                    print(ip + " ip adresine sahip switchin " + neighbor_ip_address + " ip adresine sahip komşusunun " + liste[i][0] + " adli verisi okunamamistir")
                #print(neighbor_ip_address)
            elif liste[i][0] == "Platform:":
                try:
                    platform=liste[i][2]
                except IndexError:
                    print(ip + " ip adresine sahip switchin " + neighbor_ip_address + " ip adresine sahip komşusunun " + liste[i][0] + " adli verisi okunamamistir")
                #print(platform)
                for k in range(len(liste[i])-4): #Bu dongu capabilities sayisi kadar donerek degerleri degistirmekte
                    if liste[i][k+4]=="Router":
                        router=1
                    elif liste[i][k+4]=="Trans-Bridge":
                        trans_bridge=1
                    elif liste[i][k+4]=="Source-Route-Bridge":
                        source_router_bridge=1
                    elif liste[i][k+4]=="Switch":
                        switch=1
                    elif liste[i][k + 4] == "Host":
                        host=1
                    elif liste[i][k + 4] == "IGMP":
                        igmp=1
                    elif liste[i][k + 4] == "Repeater":
                        repeater=1
                    elif liste[i][k + 4] == "VoIP-Phone":
                        voip_phone=1
                    elif liste[i][k + 4] == "Remotely-Managed-Device":
                        remotely_managed_device=1
                    elif liste[i][k + 4] == "Supports-STP-Dispute":
                        supports_stp_dispute=1
                    else:
                        two_port_mac_relay=1
                #print(router, trans_bridge, source_router_bridge, host, igmp, repeater, voip_phone, remotely_managed_device, supports_stp_dispute, two_port_mac_relay)
            elif liste[i][0] == "Interface:":
                try:
                    self_interface=liste[i][1]
                except IndexError:
                    print(ip + " ip adresine sahip switchin " + neighbor_ip_address + " ip adresine sahip komşusunun " + liste[i][0] + " adli verisi okunamamistir")
                #print(self_interface)
                try:
                    neighbor_interface=liste[i][6]
                except IndexError:
                    print(ip + " ip adresine sahip switchin " + neighbor_ip_address + " ip adresine sahip komşusunun " + liste[i][0] + " adli verisi okunamamistir")
                #print(neighbor_interface)
            elif liste[i][0] == "Version":
                try:
                    version_software=liste[i+1][5]
                except IndexError:
                    print(ip + " ip adresine sahip switchin " + neighbor_ip_address + " ip adresine sahip komşusunun " + liste[i][0] + " adli verisi okunamamistir")
                #print(version_software)
                try:
                    version_release=liste[i+1][7]
                except IndexError:
                    print(ip + " ip adresine sahip switchin " + neighbor_ip_address + " ip adresine sahip komşusunun " + liste[i][0] + " adli verisi okunamamistir")
                #print(version_release)
                try:
                    version_release_software=liste[i+1][10]
                except IndexError:
                    print(ip + " ip adresine sahip switchin " + neighbor_ip_address + " ip adresine sahip komşusunun " + liste[i][0] + " adli verisi okunamamistir")
                #print(version_release_software)
            elif liste[i][0]=="Native":
                try:
                    native_vlan= liste[i][1] + " " + liste[i][2]
                except IndexError:
                    print(ip + " ip adresine sahip switchin " + neighbor_ip_address + " ip adresine sahip komşusunun " + liste[i][0] + " adli verisi okunamamistir")
                #print(native_vlan)
            elif liste[i][0]=="Duplex:":
                try:
                    duplex=liste[i][1]
                except IndexError:
                    print(ip + " ip adresine sahip switchin " + neighbor_ip_address + " ip adresine sahip komşusunun " + liste[i][0] + " adli verisi okunamamistir")
                #print(duplex)
            elif liste[i][0]=="Management":
                try:
                    management_ip_address=liste[i+1][2]
                except IndexError:
                    print(ip + " ip adresine sahip switchin " + neighbor_ip_address + " ip adresine sahip komşusunun " + liste[i][0] + " adli verisi okunamamistir")
                #print(management_ip_address)



    insert_data(source_ip_address, device_id, neighbor_ip_address, platform, neighbor_interface, router, trans_bridge, source_router_bridge,switch, host, igmp, repeater, voip_phone, remotely_managed_device, supports_stp_dispute, two_port_mac_relay, self_interface, version_software, version_release, version_release_software, native_vlan, duplex, management_ip_address )
    ssh.close()
    print("switch " + ip + " tamamlandi")
    time.sleep(5)

cursor.close()
connection.close()