Solved: Re: Question about VLAN-membership of a trunk port

derplord1234 · ‎07-04-2013

I have to find out with SNMP what VLANs a trunk port is in.

Im basically looking for a equivalent of vmVlan, 1.3.6.1.4.1.9.9.68.1.2.2.1.2 that is working on trunks.

Rolf Fischer · ‎07-08-2013

Sorry if my question wasnt clear enough, english isnt my native language and Im also rather new with this.

Don't worry - very often I have exactly the same problem.

The indexes in the output you've posted looks like 2k/3k platforms.

With those, you could use vlanTrunkPortVlansEnabled (CISCO-VTP-MIB) or other objects of vlanTrunkPortTable, but unfortunately this doesn't produce at all an output in the way you expect it (and I'm afraid there is no object which does).

enterprises.9.9.46.1.6.1.1.4.10101

7F FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF

FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF

But maybe querying the STP status (or another object in BRIDGE-MIB) could be suitable for you if you use a script which has to loop all VLANs.

Because this object belongs to the BRIDGE-MIB, you've to add the VLAN-ID to the community, e.g. public@7 for VLAN 7 if "public" it your community.

Object details: http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?local=en&translate=Translate&objectInput=1.3.6.1.2.1.17.2.15.1.3#oidContent

snmpbulkwalk -v2c -c public@1 -m BRIDGE-MIB 192.168.1.17 dot1dStpPortState.9

dot1dStpPortState.9 = forwarding

snmpbulkwalk -v2c -c public@2 -m BRIDGE-MIB 192.168.1.17 dot1dStpPortState.9

dot1dStpPortState.9 = forwarding

snmpbulkwalk -v2c -c public@3 -m BRIDGE-MIB 192.168.1.17 dot1dStpPortState.9

dot1dStpPortState.9 = forwarding

snmpbulkwalk -v2c -c public@4 -m BRIDGE-MIB 192.168.1.17 dot1dStpPortState.9

Timeout: No Response from 192.168.1.17

(VLAN 4 does not exist)

That's the best I can offer; but maybe you'll get better answers when you move your posting into the "Network Management" section.

Regards

Rolf

View solution in original post

Rolf Fischer · ‎07-08-2013

I've read the descrition and is it right that I have to convert this whole String to binary and a 1 means the VLAN with the name of the position is enabled?

Depending on the scripting language, binary comparsion can also be done with Hex-values, but yes, every digit represents a VLAN.

This one looks nicer but is it that only Vlans of current connections are displayed instead of all enabled?

This is per (trunk-)link, yes. I thougt that's what your're looking for.

If you want to query all active VLANs instead, you can use vtpVlanState:

http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?objectInput=vtpVlanState&translate=Translate&submitValue=SUBMIT&submitClicked=true

View solution in original post

Rolf Fischer · ‎07-04-2013

Hello again,

depending on the platform, you can find some trunk information in CISCO-VTP-MIB or CISCO-STACK-MIB.

I'm not sure what exactly you're looking for, the native VLAN you can find with vlanTrunkPortNativeVlan:

http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?local=en&translate=Translate&objectInput=1.3.6.1.4.1.9.9.46.1.6.1.1.5#oidContent

The value for allowed/active VLANs you have to decode: vlanTrunkPortVlansEnabled

http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?local=en&translate=Translate&objectInput=1.3.6.1.4.1.9.9.46.1.6.1.1.4#oidContent

Hope that helps

Rolf

derplord1234 · ‎07-08-2013

Sorry if my question wasnt clear enough, english isnt my native language and Im also rather new with this.

SNMPv2-SMI::enterprises.9.9.68.1.2.2.1.2

SNMPv2-SMI::enterprises.9.9.68.1.2.2.1.2.10101 = INTEGER: 900

SNMPv2-SMI::enterprises.9.9.68.1.2.2.1.2.10123 = INTEGER: 20

SNMPv2-SMI::enterprises.9.9.68.1.2.2.1.2.10124 = INTEGER: 900

This OID outputs the VLAN of all regular ports. But 10125 is a trunk port with more than one VLAN.

So Im looking for a OID that outputs basically:

SNMPv2-SMI::enterprises.9.9.68.1.2.2.1.2.10125 = INTEGER: 20

SNMPv2-SMI::enterprises.9.9.68.1.2.2.1.2.10125 = INTEGER: 890

SNMPv2-SMI::enterprises.9.9.68.1.2.2.1.2.10125 = INTEGER: 900

On the Small Business switches I did it with IF-MIB::ifStackStatus to get all Vlans of all ports, but I dont know how to do it with a Classic.

Rolf Fischer · ‎07-08-2013

Sorry if my question wasnt clear enough, english isnt my native language and Im also rather new with this.

Don't worry - very often I have exactly the same problem.

The indexes in the output you've posted looks like 2k/3k platforms.

With those, you could use vlanTrunkPortVlansEnabled (CISCO-VTP-MIB) or other objects of vlanTrunkPortTable, but unfortunately this doesn't produce at all an output in the way you expect it (and I'm afraid there is no object which does).

enterprises.9.9.46.1.6.1.1.4.10101

7F FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF

FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF

But maybe querying the STP status (or another object in BRIDGE-MIB) could be suitable for you if you use a script which has to loop all VLANs.

Because this object belongs to the BRIDGE-MIB, you've to add the VLAN-ID to the community, e.g. public@7 for VLAN 7 if "public" it your community.

Object details: http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?local=en&translate=Translate&objectInput=1.3.6.1.2.1.17.2.15.1.3#oidContent

snmpbulkwalk -v2c -c public@1 -m BRIDGE-MIB 192.168.1.17 dot1dStpPortState.9

dot1dStpPortState.9 = forwarding

snmpbulkwalk -v2c -c public@2 -m BRIDGE-MIB 192.168.1.17 dot1dStpPortState.9

dot1dStpPortState.9 = forwarding

snmpbulkwalk -v2c -c public@3 -m BRIDGE-MIB 192.168.1.17 dot1dStpPortState.9

dot1dStpPortState.9 = forwarding

snmpbulkwalk -v2c -c public@4 -m BRIDGE-MIB 192.168.1.17 dot1dStpPortState.9

Timeout: No Response from 192.168.1.17

(VLAN 4 does not exist)

That's the best I can offer; but maybe you'll get better answers when you move your posting into the "Network Management" section.

Regards

Rolf

derplord1234 · ‎07-08-2013

The indexes in the output you've posted looks like 2k/3k platforms.

With those, you could use vlanTrunkPortVlansEnabled (CISCO-VTP-MIB) or other objects of vlanTrunkPortTable, but unfortunately this doesn't produce at all an output in the way you expect it (and I'm afraid there is no object which does).

I've read the descrition and is it right that I have to convert this whole String to binary and a 1 means the VLAN with the name of the position is enabled?

But maybe querying the STP status (or another object in BRIDGE-MIB) could be suitable for you if you use a script which has to loop all VLANs.

Because this object belongs to the BRIDGE-MIB, you've to add the VLAN-ID to the community, e.g. public@7 for VLAN 7 if "public" it your community.

Object details: http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?local=en&translate=Translate&objectInput=1.3.6.1.2.1.17.2.15.1.3#oidContent

This one looks nicer but is it that only Vlans of current connections are displayed instead of all enabled?

Rolf Fischer · ‎07-08-2013

I've read the descrition and is it right that I have to convert this whole String to binary and a 1 means the VLAN with the name of the position is enabled?

Depending on the scripting language, binary comparsion can also be done with Hex-values, but yes, every digit represents a VLAN.

This one looks nicer but is it that only Vlans of current connections are displayed instead of all enabled?

This is per (trunk-)link, yes. I thougt that's what your're looking for.

If you want to query all active VLANs instead, you can use vtpVlanState:

http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?objectInput=vtpVlanState&translate=Translate&submitValue=SUBMIT&submitClicked=true

derplord1234 · ‎07-08-2013

vtpVlanState displays all vlans, not vlan per port.

But vlanTrunkPortVlansEnabled is exactly what I needed, thanks man. I hope I'm soon finished with this project. This probably wasn't my last question