the nedi guide nedi guide.pdf · topology awareness if mapping your network with a clear and...
TRANSCRIPT
![Page 1: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/1.jpg)
![Page 2: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/2.jpg)
Introduction
NeDidiscoversyournetworkdevicesandtracksconnectedend-nodes.Itcontainsmanyadditionalfeaturesformanagingenterprisenetworks:
IntelligenttopologyawarenessMACaddressmapping/trackingTraffic,error,discardandbroadcastgraphingwiththresholdbasedalertingUptime,BGPpeerandinterfacestatusmonitoringCorrelatesyslogmessagesandtrapswithdiscoveryeventsNetworkmapsfordocumentationandmonitoringdashboardsDetectirougeaccesspointsandfindmissingdevicesExtensivereportingrangingfromdevices,modules,interfacesallthewaytoassetsandnodes
NeDi'smodulararchitectureallowsforsimpleintegrationwithothertools.ForexampleCactigraphscanbecreated,basedondiscoveredinformation.DuetoNeDi'sversatilitythingslikeprinterresourcescanbemonitoredaswell...
PublishedonSatOct1413:45:052017
2
![Page 3: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/3.jpg)
InstallationInstructions
NeDi'swebsiteprovidesallnecessaryinformationforasuccessfulinstallation.
Thegenericprocedurewithsomelinkstoexternaldocumentation:http://www.nedi.ch/installation
OSSpecificinformation:http://www.nedi.ch/installation/freebsdhttp://www.nedi.ch/installation/os-xhttp://www.nedi.ch/installation/suse-installation
NeDiAppliance
There'safreeOpenBSDbasedappliancecalledNeDiO14availableontheDownloadpage.ItwillbesucceededbyaDebianbasedOVAcalledNeDian17.
PartnerSolutions
NeDiisintegratedincommerciallysupportedsolutionsaswell.HavealookatthepartnersonNeDi'sDownloadpagetogetmoreinformation.
3
![Page 4: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/4.jpg)
GeneralOverview
ThischapterhelpstogetyouacquaintedwithNeDi:
Architecture:AquickoverviewofNeDi'scomponentsFunctionalBreakdown:AdescriptionofusecasesTerminology:DefinitionoftopicsfoundinNeDi
ThefollowingchapterscoverNeDiusecases:
NetworkManagement:TheoriginalintentionAssetDiscovery:Collectdetailsonyournodesanddevices
Thefrontenddocumentationisdividedintothefollowingsections:
RESTAPIGUIoverviewGUImodules
4
![Page 5: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/5.jpg)
Architecture
NeDi'sarchitecturecanbedividedintothefollowingcomponents:
Networkdiscovery(nedi.pl)inlightblueaboveMonitoring(moni.pl,trap.plandsyslog.pl)inblueMasterdaemonandagentlistforcentralizingdistributedNeDiinstances,inpurpleNodediscoveryforassetdetails(gatheredbynodi.plusingWMIandSSH)inblueModularwebfrontendwritteninPHPandsomejavascriptinyellowRestfulAPIfrontendwritteninPHPindarkyellowMastersettingsfile(nedi.conf)indarkblueDependenciesareindicatedaboveaswell(e.g.APIonlytalkstotheDBandflow.plusesTrafficdatatogenerategraphs)NFDUMPcanoptionallybeintegrated,inthatthefrontendcanaccessanddisplaynetflowdata
5
![Page 6: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/6.jpg)
FunctionalBreakdown
Usethistableinordertolearnhowthecomponentscanbeusedtoachievedifferentgoals.Detailedinformationisprovidedinthefollowingchapters:
Goal Component Description
DiscovernetworkdevicesusingSNMPandSSH/Telnet nedi.pl
Runnedi.plviaconsole,System-NeDiinthewebGUIorusecrontabtodiscoveronfixedintervalsThiswillalsotrackMACandIPadressesandcollecttheinterfacestatistics
Monitordiscoverednetworkdevices moni.pl
Runmoni.plviaconsole,System-ServicesinthewebGUI,orhaveitautostartwithinit.dscriptsAdddesireddevices(whichusuallyhavebeendiscoveredbefore)tomonitoringControlthemonitoringfrequency(defaultisuptimecheckevery3minutes)
ReceiveSyslogmessages syslog.pl Runsyslog.plviaconsole,System-ServicesinthewebGUI,orhaveitautostartwithinit.dscripts
ReceiveSNMPtraps trap.pl Configuretrap.plastraphandlerforsnmptrapd
MonitorremoteNeDihosts master.pl
AddremoteNeDiinstallationsinagentlistRunmaster.plviaconsole,System-ServicesinthewebGUIorhaveitautostartwithinitdscriptsConfigurehowtheremoteagentsprovidetheirAPIconnection(e.g.httpsandrootpath)Note:Don'trunanyothercomponentsonthishosttoavoidconfusion
Discoverassets nodi.plRunnodi.plviaconsole,System-NoDiinthewebGUIorusecrontabtodiscoveronfixedintervalsIt'srecommendedtouseadifferentDB(andconfigfile),ifnedi.plisrunninghereaswell
TrafficMonitoring nfdump,flowi.pl
Runnfcapd(fornetflow),sfcapd(forsflow)ornfpcapd(tocapturetrafficonaninterface)Specifypathtonetflowdatainnedi.confEditnedi.conftosetnfdpathandtheIP-portsyouwanttographRunflowi.plevery5minutestocreatetheProtocolandPortgraphsMakesurethefrontendcanexecutenfdump(especiallyifnfdumpisinstalledonanotherhostandthedatadirismounted)
6
![Page 7: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/7.jpg)
Terminology
Devices:
SNMPcapablenetworkequipment,printerorserverWMIcapableWindowsserverorclientSSHcapableUnix(namelyLinuxandBSD)serverorclient
Modules:
Linecards,powersupplies,fantraysoropticaltransceivers(usuallywithserialnumber)innetworkdevicesMembers(usuallyclassifiedaschassis)inastackVirtualmachinesinhypervisorsSuppliesinprintersCPU,Ram,HDD,displayorinstalledsoftwareinWMIorSSHdevicesGotoModulesformorenetworkingrelatedinformation
Nodes:
MACaddressfromabridge-forwardtableonaswitch(required)IPaddressesofARPtablesonroutersorlayer3switches(optional)DNSnamesoptainedbyreverselookupofIPaddresses(optional)GotoNetworkPopulationformorenetworkingrelatedinformation
Links:
ConnectionbetweendevicesstoredinthelinkstableCreatedusingCDP,LLDP(ISDPunderinvestigation)Calculatedautomaticallywithinformationderivedfrombridge-forwardtables(MAC)AddedstaticallyusingTopology-Linked(STAT)
Assets:
ItemswithaserialnumberintheinventorytableAddedbyNeDi's-YoptionAddedbyhandusingAssets-ManagementImportedviaCSVfileusingAssets-Management
Policies:
RulesdefinedinSystem-PoliciestocreatealertsoractionsThey'reevaluatedatdifferentpointsduringthediscoveryPackets,BytesorFlowsrulesareevaluatedbyflowi.pl
AgeShading
Dateandtimefieldsareusuallydisplayedwithaagebasedbackgroundcolor.Thishelpstoquicklyspotanomaliesinalistforexample:
Firstseendatesstartouttobebrightgreen(affectedbythe"retire"settinginnedi.conf)likeafreshfruitLastseendatesturnmoreredaftertimelikeasunsetThegreaterthedifferencebetweenthetwothemoreblueisadded
7
![Page 8: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/8.jpg)
Colorsquicklyshownewdevicesandthosebeingofflineforawhile
8
![Page 9: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/9.jpg)
NetworkManagement
Prerequisites
Beforeyoubegin,decidehowyouwilluseNeDi,andwhatyouneedtodotomakeitaneffectivetoolinyournetwork.Thediscoverynedi.plneedsSNMPreadaccessinordertodiscovernetworkdevices.PrivilegedCLIaccesscanbeusedtoreadtheMACaddresstablesonCiscodevices,whichisfasterthanvlanindexingviaSNMP,andsupportsportsecurityaswell.TheconfigurationsarereadviaCLIandstoredinthedatabaseorastextfiles.IfyouwanttouseNeDitobackupyourconfigurations,youwillneedtoenableprivilegedCLIaccess.
NeDirequiresuniquedevicenames,sincethisistheprimarykeyinthedatabase.Thedomainpartofthedevicenameisusuallydiscarded,becauseCDPisnotconsistentwithdomainnamesonalldevices,andthiscanleadtoproblemswhencreatingdevicelinks.Makesureyounameyourdevicesuniquely.
NeDireachesitsfullpotentialwhenusedwithCDP,FDPand/orLLDPcapabledevicesinyournetwork.Thediscoveryandtopologyvisualizationsnolongerdependontheseprotocolsbeingenabled,however,soNeDicanbeusedeffectivelywithoutthem.
NeDicandrawmapsfordocumentationandmonitoringdashboards
9
![Page 10: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/10.jpg)
TopologyAwareness
Ifmappingyournetworkwithaclearandautomatedvisualrepresentationisimportanttoyou,youwillwanttoenablethetopologyawarenessfeaturesbypreparingyourdevicestobeplacedinNeDi'svisualizationsandmaps.NeDiiscapableofvisualizingyournetworkdowntoracklevel!Inordertodothis,aspecificformatfortheSNMPlocationstringisrequiredoneachdeviceasfollows(separatorscanbeconfiguredinnedi.confwithlocsep):
Region;City;Street;Floor;[Room;][Rack;][RU;][Height]
Thebuildingorstreetaddressmaycontainseveralsub-buildingsseparatedwithasecondseparator(e.g._)TheRUiscountedupwardsfromthebottomofarackTheheightisonlynecessary,ifthedevicecomesindifferentsizes(e.g.aVMwareESXserver)
Switzerland;Zurich;MainStation;5;DC;Rack17;7
Thisexampleputsadeviceinposition7ofrack17intheDCroomatthe5thfloor
FL;Orlando;42PineSt_A;54;Closet;Wallrack;1
Thisdeviceislocatedinacloset'swallrackinBuilding-Aof42Pinest(theremightbeabuilding-Batthesameaddress)
fnetworkdevicescanbeconfiguredwiththisSNMPlocationscheme,NeDicanvisualizeyourentirenetworktopology.Ifit'snotfeasibletoreconfigureallyourdevices,youcanoverridelocationsforsomeofthemintheseedlist,ormapotherinformationtothelocationscheme.You'lllosesomeofthedynamismofthemapping,butyoucanstillleveragesometopologyfeaturesthisway.
TopologyawareoverviewinMonitoring-Health
10
![Page 11: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/11.jpg)
Citiesshowtheirsizebasedondevices:
Icon Size #ofDevices
small 1-2
medium 3-9
large 10-19
extralarge 20+
ThesameappliestoBuildingswhereasimportantonescanbe“painted”redusingredbuildinnedi.conf:
Icon Size #ofDevices
small 1-2
medium 3-9
large 10-19
extralarge(important) 20+
11
![Page 12: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/12.jpg)
ConfigurationBackup
NeDiiscapableofbackingupswitch,routerandfirewallconfigurations.Commonbrandsandmodelsaresupportedaswellassomelessknownones(backingupofsomeFWcontextsneedsmorework).ThebackupisperformedviaCLIandcorresponding"showconf"commands.
Thebackupcanbeperformedin2ways:
1. DBonly:-b2. DBandkeepingthelastxversionsasfile:-Bx
IngeneralNeDionlywritesanewbackup,iftheconfigacutallydiffersfromthepreviousversion.SomedevicesprovideanSNMPOIDthatholdsthetimestampofthelastconfigchange(CiscoandComwareareknown).Thismakestheprocessmoreefficientasitwon'trequiredownloadingtheconfigtodeterminewhetherithaschangedornot.A2ndOIDmakesitpossibletodeterminewhethertherunningconfighasbeenwrittentothedevice'sflashandalert,ifnot:
CFGC:Lastchange@5858408suptime
EVNT:MOD=B/1L=150CL=cfgsTGT=3560CXMSG=Configchanged
(@5858408s)54.15daysafterwritingtoflash(@1179413s)
Onceconfigsarebackedup,theycanbetestedforcompliance,searched,compared,beusedastemplatefornewdeployments(e.g.viatftp)orbetranslatedintonewconfigsforcompletelydifferentbrandsandmodels(startingwithNeDi1.7).
ConfigurationCompliancePolicies
12
![Page 13: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/13.jpg)
DeviceModules
Mostswitchesandrouterscontainlinecards,removablefantraysandpowersuppliesandopticaltransceivers.NeDiisabletodiscoverthosemodulestoagoodextent.TheycanbelistedinDevices-Modulesforreview.HoweverNeDitriestopresentthisinformationinamostusefulmanner.Stacksforexamplehavebecomemorepopularinrecentyears.ManagementtoolslikeNeDishouldbeawareofhowtheyarephysicallybuilt,butdon'toverwhelmtheuserwithlessrelevantinformation.ThisgetsevenmorecomblicatedwhenwholenetworkfabricsarebeingmanagedwithasingleIPaddress.Toanswerasimplequestionlikehowmanyswitchportsareavailableinacertainrack,becomesmorechallengingtoanswer.NeDicombinesthemoduleswiththeinterfacestopresentsuchananswer:
NeDibreakscomplexfabricsdowntoreportportsperextender
13
![Page 14: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/14.jpg)
NetworkPopulation(Nodes)
NeDitreatsallMACaddressesfoundinthebridge-forwardtablesofswitchesasnodes.TheyarecombinedwithARPinformationfromlayer3switchesandrouters.TheIPaddressesareresolvedtoprovideactualhostnames,whichwillideallycompletethewholepictureonthenetwork.
OvertimethemovementoftheMACaddressesandchangingofIPaddressesistrackedinseparatetablesaswell:
/>Databaserelationshiparoundnodes
NodescanbelistedinNodes-ListandthenbecloserexaminedinNodes-Status.Alltablesshownabovearegraphicallyrepresentedinthisview:
Nodestatusisgraphicallyorganized
14
![Page 15: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/15.jpg)
Editnedi.conf
ThemainconfigurationinputforNeDiisthenedi.conffile.ThefirsttaskinconfiguringNeDiiseditingthisfile.YoucanuseSystem-FilesinthewebGUItoeditnedi.conf,theseedlistandfinallycrontabtoschedulerecurringdiscoveries.Makesureyoueditnedi.confbeforestartingtodiscoveryournetwork.Theconfigurationshouldbeselfexplanatorywiththecommentsinthefile.
It'sdividedintothefollowingsections:
1. DeviceAccessdefinescredentialsandmethodsforcontactingdevices2. DiscoverycontrolsIPadrressspace,portsused,andborderswithinwhichdiscoveryshouldoccur3. BackendsetsDBaccess,systemsettingsandintegrationwithothertools4. Messaging&Monitoringtakescareofpollingandnotificationsettings5. NodesRelatedcontrolshownodesshouldbereadfromdevices,andhowtheyshouldbetreatedafterwards6. GUISettingscontrolmenuitemsandappearance
Userpasswordscanbeenteredencryptedwiththeusrseckeyword.ThesecretusedtoencryptisinthefunctionXORpass()withininc/libmisc.pm.Changeitformoresecurity(butdon'tforgettoadaptafteraNeDiupgradeorpatch).Thisprotectsthepasswordsfrompryingeyesinnedi.conf,butofcoursenot,ifthepersonhasaccesstolibmisc.pm.
Manythingscanbefine-tunedatalaterstage,buttheseparametersshouldbeconfiguredproperlyfromthestart:
rrdstepsetsthetimestepofthegraphsupontheircreation(correspondstothediscoveryinterval)cli-credentialsforCLIaccestogetMACaddresstablesonCiscoswitchesand/orconfigurationbackup
Ifyoudiscoveryourentirenetworkwiththosesettingswrong,youhavetodeleteallgraphsorresetthe"CLIaccessinformation"ondeviceswhichfailedduetoincorrectcredentials.
Ifyou'reusingdiscoveryprotocols,youmayhavetospecifyaregualrexpresion(regexp)tospecifyborderdeviceswherethediscoveryshouldstop,orlimitthevalidIPaddressrangewithnetfilterregexps.OtherwiseNeDimightwanderoffandsendreadcommunityandCLIcredentialstoalldestinationsitcanreach.Limitingthediscoverymayalsobenecessaryif,forexample,youdoparalleldiscoveries(seetablebelow).
15
![Page 16: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/16.jpg)
Editseedlist
AddsingleIPsorrangeslike:
10.10.10.1
10.11.10.1-254
10.12.1,3,5,17.10mycomm
10.13.1,3.10-15newcomm-CH;Zug;Seeweg1;U;Lab
Itisrecommendedtoadd"-Ptimeout"topingseedsdevicespriortodiscovery,ifyouuseranges.AcommunitystringcanbeaddedaftertheIPtooverridethoseinnedi.conf(Note:SNMPv3credentialsstillneedtobedefinedinnedi.conf,astheyrequiremoreargumentsthattheseedlistdoesnotsupport)Name,locationandcontactcanbeaddedaswelltooverrideinformationderivedfromdevices(puta-toignore,e.g.thenamecannotbesetforranges)Use-uoptiontospecifyseedlistfile(e.g.forparalleldiscoveries)
Afterthelinesthataddseeds,youcanrestrictrangesaswell.Justputa!atthebeginning.Thisallowsformoresophisticatedscanningofnetworkranges.Here'sanotherexample:
#Addingdesiredranges
10.11.10-13,15.1-254
10.11.22.11-200
#ExcludingunnecessaryIPs
!10.11.11,22.17
!10.11.11,22.17
Ifyoudon’twanttoeditseedlistsyoucanaddtarget(s)withthe-aoptionfollowedbyanIPorrange.
16
![Page 17: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/17.jpg)
DiscovertheNetwork
Onceyouhavetheprerequisitesinplance,andyouhaveyournedi.conffile(andoptionallyyourseedlist)settogo,itistimetolaunchyourdiscovery.TheeasiestwaytodosoisfromthewebGUI,andforinstructionsondoingthis,readon.Youcan,however,launchthediscoveryscript,nedi.pl,fromacommandline,andcontrolagivendiscoveryrunwithcommand-lineoptions.Ithasevolvedtobeaflexibletool,coveringdifferentneeds.Ifyouonlywanttoknowforexample,wherecomputersareconnectedtoanddon'tcareaboutlinecardsorinterfaces,youcansimplyskipthem.Thisspeedsupthediscoveryandcauseslesstrafficonthenetwork.Itcanalsomakesensetoupdatemodules,deviceaddressesandvlansonlyonceatnight(andmaybeskipARPandMACaddresstablesinstead).That'swhereapropercrontabscheduleletsyouoptimizeregulardiscoveries(seebelow).
It'salsoimportanttogetafeelingfordiscoveringnetworkcomponents.Somedevices(likestackedswtiches)cantaketheirtimetorevealtheirmodulesorevenrefuseifthey'rebusy(asseenonCiscoCat4k5).
Anotheraspectofthediscoveryishowalldevicesofthenetworkshouldbefound.Theseedlist(describedabove)isoneoptionandcanbeusedinconjunctionwithdiscoveryprotocols,routingtablesorOUIlistings.Ofcoursenewdevicescanbeaddedmanuallyaswell...
Youcanusethefollowingexamplestodeterminethebestapproachtodiscoveringyournetwork,andoptimizeyourNeDiinstallationaccordingly.Whencalculatingdiscoverytimes,agoodruleofthumbistoassumea5saveragediscoverytimeperdevice:
NetworkType DiscoverMethod
1site,upto100devicesofsamevendorwithLLDPorCDPenabled
Setrrdstepto900innedi.confLeaveseedlistemptyorspecifyacoreswitchRun"nedi.pl-p"every15minutes
1mainsiteandacoupleofremotelocations,upto500devicesofseveralvendors
Leaverrdstepat3600innedi.confPutanIPforeveryCDPorLLDP"island"intheseedlistRun"nedi.pl-p"everyhour
1or2mainsitesandmanyremotelocations,upto2000devices
Leaverrdstepat3600innedi.confCreate4seedlistssplittingupthesitesRun"nedi.pl-puseedlist"foreveryseedlistyou'vecreatedinpreviousstepwith5min.offseteveryhour
Manysiteswith5000devicesormore
Setrrdstepto14400(4h)innedi.confCreateseedlistssplittingupthediscoveries,withthatthelongestonestakearound2hRun"nedi.pl-puseedlist"with5min.offsetevery4hYoumayalsoconsidersettingupNeDiagentsineverymajorsiteanduseacentralNeDimaster
Additionalhints:
Ifyoudon'twanttoaddeverydevicenotsupportingdiscoveryprotocolstotheseedlist,youcandiscoverthemmanuallywithnedi.pl-a.Thenyoujusthavetomakesurethey'rerediscoveredbyusing-Adbqueryinsubsequentdiscoverieswhichwilladdthemasseedsfromthedatabase.Ifyouwanttohavelesscommondevicesaddedautomatically,trytheouidiscoverymethod:Addavendortotheouidevregexpinnedi.confandusenedi.pl-o.TheMACaddressesofallarpentriesarenowresolvedtotheirvendorsandcheckedagainstthisregexp.Ifitmatches,theIPaddressisthenusedasnewseeddevice.This
17
![Page 18: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/18.jpg)
methodisnotrecommendedforvendorsproducingNICchipsetsorcomputersasNeDiwouldtrySNMPaccessonallofthoseaswell!EitherusetheGUImoduleSystem-NeDiorstartitdirectlyfromtheCLI.Makesureyou'redoingthelatterasthesameuserasyourunthecrontabwithorRRDswon'tgetupdatedcorrectly.You'llprobablygetthebestresults,withusingtheCLIandthe-voptionstocloselyfollowthediscovery.
Theseoptionsdefinehowneighborsshouldbeadded:
1. -pUsedynamicdiscoveryprotocolslikeCDPorLLDP2. -osearcharpentriesfornetworkequipmentvendorsmatchedbyouidevinnedi.conf3. -ruseroutetableentriesofL3devices
ArunwithoutanyoptionswillresultinaplainstaticdiscoveryusingtheSeedlistorthedefaultgateway,ifyouhaven'taddedanyseedsthereyet.
Using-AletsyouaddseedsdirectlyfromDB.Forexamplequeueallsnmpdevices:
nedi.pl-Aall
OrqueueallIOSdevices:
nedi.pl-A"devos='IOS'"
Similarly-OcanbeusedtoqueueARPrecordsmatchingcertainMACaddressesorvendorstrings:
nedi.pl-O"oui~'Extreme'"
18
![Page 19: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/19.jpg)
Editcrontab
Afteryousetupnedi.pltorunthediscoverythewayyouwantitto,youwillwanttohaveitregularlycheckthenetworkfornewdevices.NeDiwillkeepaddingwhatitfinds,andtellyouwhendevicesappearanddisappear.Asshownabove,howoftenyourunitisuptoyou,andshoulddependonthesizeofyournetwork,howlongdiscoverytakes,andhowimportantitistoyoutofinddevicessoonaftertheyappear.Mostinstallationsliketohavedatauptodatewithinafewhours,butforsomeonceadaywillsuffice.Notethatthefrequencyofdiscoveryismostlyindependentofthefrequencyofmonitoring,andthissectiondescribeshowyoucansetthefrequencyofdiscoverywiththecrondaemon.
CronisastandardUnixdaemonallowingexecutionofspecificprogramsatgiventimes.Afilecalledcrontabisusedtoschedulethetasks.Itsformatisfairlysimple.Everylinestartswiththetimefields(minutehourdaymonthweekday)followedbythecommandtobeexecuted.Theoutputofthecommandscanberedirectedtologfiles.ThesecanbereviewedinthewebGUIunderSystem-Files.Thedefaultpathis/var/log/nedi.A%characterneedstobeprecededwithabackslash.
#Crontabexamplerunningevery4h
0*/4***/var/nedi/nedi.pl>/var/log/nedi/nedi-`date+%H`.run2>&1
YoucansimplyuseSystem-Filestoeditthecrontabfile.It'llbeautomaticallyappliedfortheuserrunningthewebserveruponwriting.ThismeansRRDfilesshouldbelongtothesameuserortheycan'tbeupdatedbythescheduleddiscovery.It'scommonpracticetosimplyletthisuserownallfilesintheNeDifolder.
19
![Page 20: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/20.jpg)
AssetDiscovery
LifecyclemanagementofITinfrastructurehasbecomemoreandmoreimportantoverthepastyears.NeDicanbeoptimizedtocovermanyaspectsofthisprocess.Itstartswithcollectinganinventory,andcomparingittovendorlife-cycleinformationandmaintenancecontracts.ThedatacanthenbeexportedwithNeDi'sAPIforfurtherprocessinginyourenvironment.
UsingNeDi
Asmentionedbefore,thediscoveryhasbecomeveryflexibleandcanbeoptimizedforgatheringassetsonly.Inthisscenarioyou'reprobablynotinterestedingraphs,interfacesstatistics,ARPorMAC-addresstables.
Ontheotherhandyouwanttoadddiscovereddevicesandmodulestotheinventorytable.Thefollowingcommandwillachievethat:
nedi.pl-SAFGgadobewitjupv-Yam
IfyouuseSystem-Fileswith"update-replaceconfig"andselect"ciscoeol.tgz",it'llessentiallyunpackafilecalled"ciscoeol.csv"inthenedirootfolder.Ifnedi.pliscalledwith-Yoptions,alldevicetypesandmodulemodelsarecomparedagainstthatfileforEoLinformation,whichwillbeaddedtotheassetrecord.
AsofnowonlyCiscoproductsaresupported.Datafromothervendorswillbeprovided,shoulditbecomeavailableAsanalternativetoEoLdata,youcanuploadmaintenancecontractinformationinAssets-Management
UsingNoDi
NoDistandsfornode-discoveryandmovesonestepfurtherawayfromnetworkinfrastructure,towardstheendnodes.ThisfeatureallowsforcompletingtheITinventoryorprovidingmoreinsightinregardstosecurityormonitoringtasks.Asasideeffect,NodimonitorsandgraphsCPU,Memory,TemperatureandDiskIOaswell.
ItusesSSHorWMItoretrieveinformationfromUnixorWindowshosts.ThelatterreliesonwmicprovidedbyOpenvas.
Editnodi.conftodefinethecredentials(encryptedpasswordsaresupportedaswell):
Thefirstusrorusrsecentryshouldbeadomainadminasit'susedfordefaultWMIauthenticationAllsubsequentusrorusrsecentriesareusedforSSHAusercanbeforcedwith-uoptionTheworkinguserisstoredintheDBandwillautomaticallybeusedinsuccessivediscoveries
It'spossibletostorethenodediscoveryinformationinanewdatabase,tokeepnetworkmangamentseparated:
Changedbnameinnodi.conftosomethinglikenedi_nodeChangearpwatchinnodi.conftothenedidbname(usedwith-Otoreadarpentries)Usenedi.pl-i-Unodi.conftocreateitUsenodi.pltodiscoverthenodesUseSystem-Snapshottoswitchbetweenthedatabases
20
![Page 21: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/21.jpg)
Troubleshooting
Testing
The-toptionletsyoutestaparticulardiscoveryaspect.Nodatawillbewrittenuponcompletion.
Forexample,ifyoucreatedacomplexseedlist,youcantestitwith-ts.Thisshouldbecombinedwithverboseordebuggingoutput,toactuallyseesomething:
nedi.pl-vts
Debugging
Ifyouencounterproblems,makesureyouunderstandwhatyou'relookingfor.Anydiscoveryrelatedproblems,suchasdynamicdiscoveryprotocols,authenticationorjustproperlyidentifyingdevicescanbedebuggedwith-dand-D:
-dbshowbasicdebuginformation-ddshowdatabasequeries-dsshowsystemstats-dclogCLIaccesstoinput.logandoutput.log(open2moreterminalsandtail-ftothem)-dvcreate*.dbfilestostoreinternalvariablesafterthediscovery(forusewith-D)-Dwillnotdiscoveryournetwork,butratherusethepreviouslygenerated*.dbfilesonfunctionstobedebuggedinnedi.pl's"DebugMode"section(intendedfordevelopers/meonly)
21
![Page 22: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/22.jpg)
FrontendOverview
RESTAPI
PriortoNeDi1.7onlyPOSTcallswiththefollowingvariablesweresupported:
u=username(onlyuserswithoutaDevice-Filterareaccepted)p=passwordt=table(e.g.devices)q=query(e.g.device='charon')
Arewriterule(e.g.fornginx)makestherequestsmorehumanreadable:
location/api{
rewrite^/api/(w*)$/query.php?t=$1&q=$argslast;
}
AsofNeDi1.7regularGETcallsusing"BasicAuthentication"becameavailableaswell.Thismakesintegrationmucheasierasshownwiththe"RESTClient"addonforFirefox:
Asyoucansee,someinformationabouttheNeDihostisreturnedinthefirstelement.
22
![Page 23: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/23.jpg)
ManagingAssets
Nedimanagesthelife-cycleofyournetworkinfrastructurefrompurchasinguntildisposal.Itallowsyoutoincludevendor'sendoflifeinformationinordertoidentifyunsupportedhardwareandmaintenancecontracts.Thelatterletsyoufindhardwarenotundermaintenanceoritemsyou'repayingfor,thatdon'tevenexistinyournetwork!
Assetsarestoredintheinventorytable.TheycanbemanuallyaddedwithAssets-Managementorautomaticallywiththe-Yswitchinnedi.pl.
Possiblelife-cyclestages:
1. New:Addingdevicesandmodulestoinventoryviabarcodescanner(keepingtrackofspares)2. Active:Itemswithserialnumberscanautomaticallyupdatedupondiscovery(managingequipmentinuse)3. Used:Itemhasbeenremovedfromnetworkandputbackinstorage.4. Replaced:Itemhasbeenreplacedbyaanotherone(e.g.RMA)5. Disposed:Itemhasbeenremovedfromnetworkandandtrashed6. Traded-in:Itemhasbeenremovedfromnetworkandtradedinfornewones
CiscoEoLinformation
Afilecalledciscoeol.tgzcanbeuploadedwithSystem-Files.ItcontainsalistofallproductswithknownEoLinformation.Thefieldsaremappedasfollows:
"MigrationProductID"isaddedtocomment"EndofRoutineFailureAnalysis"Dateismappedtoendsupport"EndofServiceContractRenewal"ismappedtoendwarranty"LastDateofSupport"ismappedtoendlife
23
![Page 24: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/24.jpg)
TheNeDiGUI
NeDifeaturesamodularfrontend,whichcaneasilybecustomized.Thisisdonebycommentingoutorincludinglinesbeginningwith"module"innedi.conf.Ifamoduleisenabledinthefile,themenuitemcorrespondingtothemoduleisincluded.The"Section"controlsthetopmenu,andthe"module"tothemenuitem.TheSection-Module.phpinterpreststheselines.Theiconusedisspecifiedinthe3rdcolumn.Thegroupdetermineswhichusersareallowedtoseeandusethatparticularmodule,soitcanbecustomizedforclassesofusersaswell.
TheNeDiwebGUImoduleshavemanycommonelements.Here'ssomeusefulinformationtokeepinmindwhileusingtheGUI:
Eachmoduleconsistsofaheaderrowandamaininputform.Alargerversionofthemenuiconalwaysshowsuptotheleftandaclickonitresetsthemoduletoitsdefaults.Ifyouhoveroverit,theexactmodulenameisrevealed(showninthefooteraswell)If"Listoptimize"isselected(nextto inUser-Profile),ahistoryisshownnexttothemenuUsethe"FindIT"searchfieldintheheader,togetquickresultsonanytext,IPorMACaddressTheprinticon intheheaderopensaprintableviewofthecurrentmodule(usuallywithoutthemaininputform).OnmostlistsyoucanclickontherowstohighlightthemYoucansavethestateofmostmodulestoabookmarkorusethenotepadicon intheheadertoaddalinktotheadminmessageinUser-Profile(lookfor"EDIT"onthebottomandchangeaccordingly)TextlinksusuallyleadtoapplyingafilterwithinthecurrentformNumbersafterabar-image(e.g.#ofdevicetypes)takeyoutothecorrespondinglistmoduleUsedSQLqueriescanbeshownbyclickingonthedebugicon (onlyshownforadmin).ItexecutesthequeryinOther-ExportforquickanalysisRegularuserssee andthosehavingaviewfilterappliedget instead.Hoveringoveritrevealstheusernameandcurrentservertime
24
![Page 25: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/25.jpg)
Lists
NeDidisplaysmostofthedataitfindsintabulardisplays,andthesearecontrolledby"Listmodules".Thepresentationofdatacanbehighlycustomizedandexportedtovariousformats.Ifyouneedtofilter,show,andsearchthroughthedata,youshouldlearnhowtomasterlists.Here'swhatthelistcontrolsdo:
Bydefaultsomereportsareshownonthebottomofmostlistmodules.The settinginUser-ProfiledetermineshowmanyentriesareshownClickingonatextlinktakesyoutothefull-featuredreportUsethe"Columns"selectboxtoaddorremovethecolumnsyouwishtosee(holddownCTRLtoselectmultiplecolumns)If"Listoptimize"isselected(nextto inUser-Profile),thecolumnsarepersistentfortheentiresessionandareportisshownbydefaultYoucanusethetemplatesasquicklistshortcutsInthefiltersection,youcandefineacriteriaandselectthecombinationoperatorsAND/ORtoadduptofourconditions(firstandsecondpairsmaybegroupedtogetherwithbrackets)Alternativelyyoucancompare2columnsdirectlybyusingtheothercombinationoperators(e.g."1=2"withcolumns"FirstDiscover"and"LastDiscover"selectedtolistdevicesonlyfoundonce)Thelastmapcanbeincludedvia andalimit canbechosenaswell(defaultis250)Thetriangles intheheaderrowallowforthelisttobesortedaccordingly.They'renotavailableonspecialcolumnscontainingrealtimedataorgraphsandotherstatisticsYoucanexportlistsasXLSbyclickingonthespreadsheeticon ,ifshownintheheader
25
![Page 26: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/26.jpg)
Monitoring
NeDidoesmonitoringaswellasdiscovery.Theprogrammoni.plisusedtocheckthehealthanduptimeofdevices,andyoucancombineitwithtrap.plforSNMPtraptranslation,syslog.plforlogmessages,andnedi.plitselfforthemonitoringofdiscoveryevents.NeDiuseslevelsandtriggerstocategorizeandalertyouwhenmonitoringfindssomethinginteresting.Discovereddevicesarenotmonitoredbydefault.Anythresholds(CPU,Memetc.)andnotificationtriggersareappliedfromnedi.conf.Syslogeventsonlyreceivealevelof30(Other),andthuscan'tgeneratealerts.
Inordertomonitortargetstheyneedtobeaddedtothemonitoringtable,sincedevicesandnodesaredynamicallyoverwrittenbythenetworkdiscovery(nedi.pl)andyoudon'twanttolosethelistofmonitoreddeviceseachtimethishappens.YoucandothisinDevices-ListorNodes-Listbyfirstfilteringthedevicesyouwanttomonitorwiththelistcontrols,thenclickingthe"Monitor"button.AlternativelyyoucanaddsingletargetsinDevices-Statusbyclickingonthebinoculars .Onceaddedtomonitoring,targetscanbefurtherconfiguredininMonitoring-Setup.
Themonitoringdaemonmoni.plfirstsendsnon-blockinguptimerequeststoallSNMPtargets.Afterwardsallothertargetsaretestedsequentially(factoringinavailabilityoftheirdependencies).Forexample,adualhomedweb-serverwillonlybecheckedifatleastoneoftheconnectedswitchesreturnedanSNMPuptime.
TCPpingisusedbydefaultfornodesandnon-SNMPdevices(thiscanbechangedtoICMPinMonitoring-Setup)Uptime(orSNMP-Enginetime,ifsetin.def)ischosenfordevicesasitcandetectintermittentrebootsaswellBGPpeerscanbemonitoredaswell,ifBGP4-MIBissupportedonadeviceIFoper-statuscanbemonitoredaswell(e.g.onrouterorserverswitches)Themonitoringdaemonshouldbestartedautomatically.Italsoreliesonnedi.conf,whereyoucansettheintervalbetweenpolls,howmanytestsadevicecanfailbeforeitismarkedasdown,andhowalertsshouldbesentIfyouchangethesettings,theywillbeeffectiveasofthenextpollingcycle.Ifyouwanttoseeresultsimmediately,restartthedaemonfromSystem-ServicesIfatargetisreportedtobedown,anentryiscreatedintheincidentstablewiththestarttimesettothetimeit'sdetectedat.Theendtimewillbeaddedautomatically,whenthetargetisrespondingagain.IncidentsareacknowledgedbyclassificationinMonitoring-Incidents
DuetolimitationsoftheSNMPperlmoduleandnon-blockingrequests,latenciesarenotaccurateunlessyoumodifyNet::SNMP'sMessage.pm:
Line23:
useTime::HiRes;
Line691orso,abovedebugoutputinsend():
$this->{_transport}->{_send_time}=Time::HiRes::time;
MessageFlows
Thefollowingdiagramexplainshowevents(originatingfromsyslog,trap,discoveryandmonitoring)areprocessed.
26
![Page 27: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/27.jpg)
27
![Page 28: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/28.jpg)
Reporting
Thissectionaggregatesinformationandprovidesextensiveviewsofthecollectedinformation.Thereareseveralreportstiedtotheirrespectivedatabasetables(i.e.devices,modulesornodes)anda"CombinationReport",whichfocussesonatask(likeassetmanagement),whichdependsonseveraltables.Usingthereportssectioninvolvesthefollowing:
Settingafilter,ifdesired.AnyfilteryousetistakenintoaccountforlinkstoothermodulesSelectingthereportsyouwant(holddownCTRLformultipleselection)Usethetemplatesasquickfiltershortcuts(seetheiconsontheleftofreportselectbox)Thelastmapcanbeincludedvia andadisplaylimit canbechosenaswell(defaultis10)Reportscanbe"optimized"with (tablecaptionsreveal,what'sbeenoptimized)"Alternativesort"via useskeysratherthanvalues(tablecaptionsrevealwhathasbeensortedon)
28
![Page 29: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/29.jpg)
GUIModules
Thissectiondescribesthevariousmodulesandtheirfunctions.YoucanenableordisablethesemodulesintheGUIsettingssectionofthenedi.conffile.
29
![Page 30: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/30.jpg)
Assets-List
Thismodulelistsassetsfromtheinventorytable.
Youcanmakechangestomultipleassetsforthestateandmaintenancerenewalbyselectingdesiredvaluesandclickingupdate.Youcandeleteallfilteredassets(ignoringlimitsetting)byclickingdelete.Thisfeatureshouldbeusedwithcare!
30
![Page 31: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/31.jpg)
Assets-Locations(LocationList)
ListlocationscreatedwiththelocationeditorAssets-Loced.Thefollowingfunctionsareavailable:
TheexecutecolumnrevealslinkstoothermodulesorexternalmapsIfphotosareuploadedtotheappropriatetopofolder,theycanbeaccessedintheFilescolumnANeDi-orstatic-mapcanbeaddedaswell.Ifthecoordinatesareavailable,labeledmarkersaredrawn
31
![Page 32: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/32.jpg)
Assets-Loced(LocationEditor)
Thismodulecanbeusedtoplacelocationsonpreviouslyuploadedbackgrounds,usingSystem-Files.Alternatively,ifyoucheckthefirstboxtotherightof youwillenableNeDi'sgeocodingAPI,whichautomatestheplacementoflocations.Whenenabled,locationnamesareusedtosearchforthecorrectcoordinates.Ifyoucheckthesecondbox,thedescriptionisusedinstead.Createthelocationsandenterdescriptionspriortoenablingcheckingthisoptionforbestresults.
UsagewithBackgroundImages
Thedefaultletsyouplaceyourlocationsonabackgroundimageandcanbeleveragedwiththe"bgmap"maptypeinTopology-Maps.Atfirstyou'llseethetoplevelmap,whichisaworldmapbydefault(I'llchangethisassoonasNeDimanagesnetworksonothercelestialbodies).Selectaregionandclickonthemaptosetthecoordinates.You'llnoticethatvaluesarebeingpopulatedandthe'Add'buttonbecomes'Update',ifthelocationalreadyexists.Ifyouwantmultiplelayersforyourmaps,uploadlowerlevelmapstothecorrectlocationinthetopofolder.Forexample,sayyournetworksitesarelocatedin2regions(USAandEurope).Justnamethemapfilesbackground.jpganduploadthemtotopo/USAandtopo/Europe.Now,whenyouselectcitiesinthoseregions,theappropriatemapshouldbeshown,andyoucanplacecitiesaccordingly.Thisalsoworkswithincities(makessensewhereyou'vegotabigmetropolitannetwork).Justuploadbackground.jpgtotopo/Europe/ZurichandassoonasyouclickonbuildingsinZurichyoucanplacetheminthatmetropolitanmap.ThesubfoldersarecreatedautomaticallywhenyoudrilldowninTopology->TablewithOpenstreetmapsenabled.
UsagewithGeocoding
SelectthelocationyouwishtoaddIfitdoesn'texistorthecoordinatesare0(ifit'sbeenaddedtoabackgroundimagepreviously),ageocodinglookupisperformedandthecoordinatesareshowninblueIfyouuseinternalnamesforyourlocations,youcanentera"geocodable"nameascommentandclickaddActivatedescriptionmodewiththe2ndcheckmarkrightofAdraggablemarkerisplacedonthemap,whichcanbeadjustedtofityourneeds(coordinatesturngreen).EnteradescriptionandclicktheaddbuttonIfthisdoesn'tworkforyou,clickon toenteranaddressmanuallyThecoordinatesshouldstayblack,asthey'rereadfromtheDBnow
32
![Page 33: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/33.jpg)
Assets-Management
Thismoduleallowsyoutoaddoreditoneassetatatime.
Assetsummariesareshownbydefault.Clickonthetexttogetafilteredlistofmatchingassets,andclickonthevaluetoadditemstotheAssets-Listmodule.Useabarcodescanner(senda"tab"uponsuccessfulreads)toscantypeandserialnumber,orjustenterthemmanually.Specifylocation,condition,source/providerandwarranty.Ifthelatteroneiscloserthanamonthawayit'llbehighlightedwiththe"warning"color,orwiththe"critical"colorifalreadyexpired.Clickonthe Icontoopenthepanelbrowser.RefertoDevices-Modulesforalistofpossibleclasses.Ifyoulistbyaproperty(e.g.location),theappropriatefieldonthetopispopulatedaswellforeasierbatchadditions.Youcanedittheitemslistedbyclickingontheirserialnumbers.Thecurrentlistwillstay.Notethatthefocuswillmovetothelocationfield,asserialnumberscannotbeedited.Youcaneitherupdateordeleteanitemnow.Ifyouclickonaclassicon,yougettotherespectivedeviceormoduleifithasbeendiscoveredYoucanexportalistasXLS,buttheAssets-Listmoduleismoreflexibleinthatrespect.
YoucanuploadaCSVfilecontainingassetswiththeirmaintenancecontractinformationaswell.Specifythefollowingintheformandselectthefile:
SelectdateformatusedintheCSVfileFieldseparatorRowstoskipfromtop
Currentlythecolumnsinthefiletobeimportedneedtobearrangedlikethis:
Field Example Description
Class License OnlySoftwareorLicenseisidentified.Everythingelse(e.g.Chassis)canbedeterminedupondiscovery
SLA 7x24 Storedin'ServicesLevel'
type 2520-8G-PoE ThetypeasspecifiedbyvendorcanbeusedtodetermineitsEoLstatus
serial 123456ABC TheSN#istheprimarykeyintheinventorytable
count - Currentlyignored(justaddanemptycolumnfornow)
serial2 ITEM2345 Willbeused,ifthefirstSN#wasnotavailableforsomereason
contact SherlockHolmes Storedin'AssetContact'
address 221bBakerStreet Combinedinassetlocationwithplace(toplace;address)
place London Combinedinassetlocationwithaddress(toplace;address)
description anythinguseful Storedin'MaintenanceDescription'
renewal Yes/NoJa/Nein Determineswhethermaintenancecontractsarerenewedornot(MaintenanceStatus)
endofmaintenance 05/26/2015 Currentmaintenanceenddate
endofsale - Currentlyignored(justaddanemptycolumnfornow)
endofsupport 05/26/2036 Endofroutinefailureanalysis
EndofLife 05/26/2071 Lastdateofanysupport
33
![Page 34: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/34.jpg)
Devices-Config
NeDiwillbackupyourdeviceconfigurationsifithasprivilegedCLIaccessandyoutellittowith-b,or-Bx.WiththeDevices-Configmoduleyoucanreviewandcomparebackedupconfigurationsandtheirchanges.
Aconfigreportandrecentbackup-relatedeventsareshownbydefault.Therearetwomodesofoperationwhicharelistandcompare.
ListConfigurations
Forsimplelistingofconfigurationvalues,followthesesteps:
1. Searchfortextbysettingafilter2. Limitnumberofdisplayedcharactersintheexcerpts3. Limitnumberofdisplayeddevices4. Clickonanexcerpttoviewthewholeconfiguration
CompareConfigurations
Youcanusethismoduletoquicklyseedifferencesbetweenstoredconfigurations.
1. Chooseareferencedevicefromthe"List"selectbox.2. Noweitherselectthe2nddevicefromtheleftselectboxin"Comparison"orleaveitat-Type-tocompareagainst
allconfigurationsofthesametype.3. Selecthowtheoutputshouldbedisplayed.
Whenviewingaconfigurationyou'vegotthefollowingoptions:
Toggleslinenumberdisplayforeasierchangereview.SuppressesthemotdcharacterwiththatconfigurationsofCiscodevicescandirectlybecopiedanpasted.UseSystem-Databasetodisplaytheconfigasplain-textorselectafileversioninthechangesareatoeditthe
actualfile(availablewhenyourunnedi.pl-Bx).Clearsconfigurationorchanges.
34
![Page 35: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/35.jpg)
Devices-Doctor(DeviceDoctor)
Presentsdevicespecificdiagnosticreportsandpointoutpotentialproblems(alternativelyyoucanselectaconfigwhichwillbedisplayedincontextgroups).
1. Generatea"showtechall"fileonaHPProCurve/ArubaorCiscodeviceandstoreitlocally.2. Browseforthetechfileyouwishtoanalyze.3. ClickShowtoprocessit.
Note:Thisfeatureisstillbeingrefinedformoreaccurateresults.
Redlettersonayellowbackgroundrevealpotentialproblems(hoveroverit,tolearnwhy).Adjustthebroadcast/trafficratio(default10%)toidentifyproblemsoninterfaces.Greenlinesmeanthatacheckedconditionlooksok.DarkredandOlivegreenlettersrepresentinterfacestatusintherespectivecontext.
35
![Page 36: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/36.jpg)
Devices-Graph
Thismoduleallowsyoutodynamicallygeneratestackedinterfacegraphsandmuchmore.
PleasenotethatNeDi'sgraphingfeaturewasimplementedasanadditiontothediscoverywithlowestpossibleresourceandmaintenancecostinmind.
Itwillnotgraphthose5minutepeaks(unlessyourunNeDievery5minutesinverysmallnetworks),butprovidesalongtermviewofeachandeveryinterface.Thistranslatestobaseliningandpredictionofpotentialbottlenecks,insteadofidentifyingerraticoutburstsofanykind(You'dpreferusingatoollikeCactitomonitorthisinstead).
Selectanytopgraphsifyouwishtogetthebigpictureonyournetwork.Selectingadevicewillrevealitsinterfaces.Youcanchooseseveralofthemtobestackeddynamically(doesn'tworkforIFstatus!).Selectseveralgraphsourcesatoncetocorrelateandinvestigateproblems(e.g.CPUload,broadcastsonsomeinterfacesofadevice)SystemrelatedgraphsareCPU,MemoryandTemperatureandacustomgraphforothervalues.Usedoublearrowstomovestart(topone),thewholegraph(middle)oritsend(bottomone)byweeksorsinglearrowsfordays.Clickonadateicontomanuallysetastartorendtime.Ifyoucan'tlivewithoutdegreesinFahrenheit,adjustthesettinginUser-Profile.CPUandmemorycorrespondstoSystemloadandbatterycapacityonUPSunits'.
IfyouuseCactionthesamehost,youcanintegrateitintoNeDi:
Configurethecactioptionsinnedi.conf.NowyoucanadddevicesandinterfacestoCactihereinDevices-Graph.AcactiiconwillbeshowninDevices-Status,ifthedeviceisavailableinCacti.Clickingonittakesyouthere.
36
![Page 37: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/37.jpg)
Devices-Install
Thisisapremiummodule,onlyavailablewithNeDi+.Findmoredetailshere
AtthistimeonlyHPProCurveSwitcheshavebeentested!
ThismoduleispartofNeDi'sprovisioningsystem.Itallowsforinstallingunconfiguredswitchesupondiscovery.Theprocedureisdividedintothefollowingsetps:
1. CreateinstallentriesspecifyingdevicetypeandIPaddresstobematched.ThedesirednameandIPsettingsneedtobesetaswell,restisoptional
2. CreateaninstalltemplatewithSystem-Files(seebelow)3. Performinstallation(withnedi.pl-Torchecking"Install"inSystem-NeDi).IftypeandIPmatchaninstallentrywith
thestate"New",thetargetIPispinged4. Ifnoanswercomesbacktheentryisusedtocreateadeviceconfigurationfromtheinstalltemplate.Thestateof
theinstallentryischangedto"Active"5. IfthedeviceisdiscoveredwiththenewIPaddressthestateoftheinstallentryischangedto"Used"6. Checkverbosenedi.ploutput,ifstatuschangesto"Broken"7. Bydefaultaninstallentriessummaryreportisshown
InstallTemplate
Aninstalltemplatepersistsofaseriesofcommands(1commandperlinewithoptionalconfirmationandtimeoutseparatedby;)topreparethetargetdeviceandaconfigtemplatewithplaceholders,whicharefilledinfromtheinstallentry.Ifused,thepasswordistakenfromtheappropriateuserinnedi.conf,butusuallyisafixed/encrypedstring
Clicommand1
Clicommand2;y;600
Clicommand3;y;0
===
sysname%NAME%
ipaddr%IPADDR%%MASK%
ipdefaultroute%GATEWAY%
vlan%VLANID%
snmplocation%LOCATION%
snmpcontact%CONTACT%
username%LOGIN%
password%PASSWORD%
enablepassword%ENABLEPW%
37
![Page 38: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/38.jpg)
Devices-Interfaces(InterfaceList)
Listdeviceinterfaces,theirpopulationandgraphs.ItalsoallowstoaddselectiontoNode-Trackorsetindividualthresholds.
Iftheinterfacestatusisdiscovered,thetypeiconisimbuedwiththerespectivecolor(notrealtime).It'llbe"admindown"(or0),ifit'sbeenskippedineverydiscovery.Interfacesofcontrolledaccesspointsarenotpolledandsettounknown(or128).Setalertthresholdsnextto andclickUpdatetooverridethevaluesinnedi.conf(enter0toclear)Settrafficto101%orbroadcaststo65000,ifyouwanttoignorerespectivealertsonparticularinterfaces(101%duetopotentialroundingerrors,largervaluesareignoredasofNeDi1.8)SettingaMACfloodthresholdallowsthisinterfacetodiscovermultipleCDP/LLDPneighbors(e.g.inahubandspoketpoplogy)ThepopulationtakesyoutotheNodes-Listwhereyougetdetailedinformationontheconnectednodes.ThegraphsizecorrespondstosettinginUser-Profile.Bydefaultaporttypeandstatusdistributionreportisshown
38
![Page 39: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/39.jpg)
Devices-List
Listdevices,systemgraphs,population,freeaccessportsandconfigurationstatus.RealtimeSpanning-Treeinformationcanbeaddedfortroubleshootingaswell.
Unselectingthedevicecolumnhidestheiconsi.e.tocreateasimpletextlist.Theserialnumberischeckedagainsttheinventoryandreflectssupportandmaintenancestatus.Clickonittoadditorupdateanexistingasset(e.g.totrackdecomissioneddevices).TheselecteddevicescanbemonitoredbyclickingtheMonitorbutton(gotoMonitor-Setuptoconfigurethemfurther).Theselecteddevicesandrelatedinformation(e.g.modulesandinterfaces)canbedeleted,byclickingtheDeletebutton.Bydefaultavendorandtypedistributionreportwithoutpiechartsisshown.Devicespecificthresholdscanbeeditedbyclicking andUpdatetochangeitonvisibledevicesIfyousetsupply-alert,PoE-warningorARPpoison-thresholdto0,thedefaultsfromnedi.confaretakeninstead
DeviceOptionsareusedinternallytodescribethedevice'scapabilities.Theycanbeusedforfilteringaswell.A'-'indicatesthatapropertyisnotavailable:
Position Character Description
1 A,- ifAliasfromIF-MIB
2 C,W,- CPUutilizationorWattageonUPSdevices
3 P,S,N,- Power-EthernetMIBsupportandhowinterfacesrelatetoit
4 I,- Hasinterfacesornot
5 d,s,i,m,r NamefromDNS,sysname,IP,mapped,mappedwithregex
6 c,m Contactfromsyscontact,mapped
7 l,m Locationfromsyslocation,mapped
8 U,S Uptime(overflowevery1.3years,SNMP-engine-time)
39
![Page 40: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/40.jpg)
Devices-Modules(ModuleList)
Listmodulesandcomparehard-andsoftwarerevisionsforexample.You'llalsoseeVMs,Serverblades(onHPBladechassis)orevenprintsuppliesaswell(ThesupplylevelsareheldintheFWandHWfields).
Bydefaultamodelanddescriptiondistributionreportisshown
ModuleClasses
Thefollowingtablelistspossibleclassesformodules.Theycanbeusedforassetsaswell:
Icon Class Description
1 Other
2 Unknown
3 Chassis
4 Backplane
5 Container
6 PowerSupply
7 Fan
8 Sensor
9 Module
10 Port
11 Stack
18 Keypad
19 Camera
20 Patchpanel
21 Cover
30 Printsupply
40 VirtualMachine
50 ControlledAP
60 Server
61 CPU
62 Mem
63 HDD
64 Card
69 Display
80 OS
81 Software
82 License
40
![Page 41: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/41.jpg)
Devices-Status(DeviceStatus)
Thisisthecenterpointofindividualdevicemanagement.It'sdividedinto6sections(GeneralInfo,Modules,Vlans,Links,InterfacesandMonitoringStats),whichcorrespondtothetablesDevices,Modules,Vlans,LinksandInterfaces.Themonitoringpartisshownonthebottomrepresentingdatafromevents,monitoringandincidents.
Youcancreatedeviceslikecloudsvia .OnthosedevicesyoucanaddmoreinterfaceswiththesamebuttonintheInterfacesection.ThosedevicescanbeusedtolinkWAN-routerstoacloudormonitorexternalservices.
Duetoperformancereasons,onlyuptime,poe,interface(andVM)operationalstatusandinterfacelast-changeisrealtime(ifdevicewasseeninlastdiscovery).Everthingelseisretrievedfromthedatabase.
Overview
Hoverovertheiconsforhintsonwhattheydo.You'llseeprintsupplylevelsonsupportedprintersorVMsonVMwareESXis.Ifsshaccessisenabledinaddition,theVMscanbeturnedonandoff.
takesyoustraighttoDefGen,incaseyouwanttoeditthedefinitionfile.addsthedevicetomonitoringandtestsSNMPuptimebydefault.Thisiconsturnsintoaclockinthatcaseor
anothersymbol,ifyouchangethetestmethodinMonitoring-Setup(clickonicontogetthere).Theserialnumberischeckedagainsttheinventoryandreflectssupportandmaintenancestatus.Clickonittoadditorupdateanexistingasset(e.g.totrackdecomissioneddevices).
Interfaces
Activeinterfaces'namesareblueandclickingonitpopsuparealtimeSVGgraphwindow,whichletsyouobservethetrafficina1-300secondinterval.Iftheabsolutecounterisnot0,thebackgroundbecomesblue,showingyoutherehasbeentrafficonthisinterface.Recentstatuschanges,higherrorcountorPoEvalueswillbeaffectthebackgroundaswell.Ifthelaststatuschangeismorerecentthanlastdiscovery,Vlan,SpeedandDuplexbecomegreyastheymayhavechanged.Thebackgroundofpopulationturnsblueifanodewaseverdiscoveredonthisport,evenifit'semptynow.ThelastseenMACwillberevealeduponhoveringoverit.Filterinterfacesbystatus(onlyworks,ifdeviceisreachable)FilterinterfacesbyVlanusesthePVIDfieldfromtheinterfacestable.Ifyoucheck"Untagged&Tagged"thevlanporttableisusedinstead"IFInformation"letsyouchoosewhatinterfacerelateddataisdisplayedBydefaultpopulation,addressesandcountervaluesareshown(0fieldsareleftempty)InterfacegraphsizecorrespondstothesettinginUser-Profile
Chancesareyouwon'tgetcomplaintsifyouunplugaportwhere:
1. Nolink(iconnotgreen)2. Lastchangeisasmuchasswitchuptime...oratleastalongtimeago!3. NonodesshownwhenPopulationischeckedandfielditselfisnotblue.4. Notrafficisshownandrespectivefieldsarenotblue.
Iftheswitchhasbeenrebootedlatelyyoumaywanttoclickon inthesummarysectiontoreviewfreeportsintheInterfaceList.
Managing
SNMPwriteenabled:
41
![Page 42: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/42.jpg)
Youcanchangelocation,contactandadminstatusofinterfacesdirectly.IfthedeviceisusingstandardMIBsyoumayalsoeditIF-alias(entera"-"toclear)ortogglePoEdelivery(e.g.toresetahangingAPorVoIPphone).
CLIaccessenabled:
Clickon tosavetherunningconfigurationtoflash.Clickon tolookatthedevice'slog.The"CLISend->"selectboxallowsforsendingcommandfiles(filesstartingwith'cmd'intheclifolder)toadevice.RefertoSystem-Filesforcreatingcommandfiles.
Customizing
AgreatwayofcustomizingorintegratingNeDiwithothertoolsaretwoincludes,whichcanbeeditedinSystem-Files:
1. devtools.phpisincludedonceandwillbeshownnexttothedeviceicon2. iftools.phpisincludedwitheveryinterfaceandshownwiththeinterfaceaddresses.
42
![Page 43: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/43.jpg)
Devices-Translator(ConfigurationTranslator)
Thismoduleallowsforautomatedmigrationfromanolddevicetoanewmodel.
1. Addrulesonhowconfigurationblocksshouldbetranslatedtoanewdevice2. InDevices-StatusorDevices-Configclick toprepareactualtranslation3. Selecttargetgroup(s)togeneratedesiredconfig.4. Writeconfigtotftpfolder(canbeeditedbeforeinSystem-Files)
TranslationRules
Field Description
SourceType Exactdevicetypetofilterapropriaterulesfortheexistingdevice
TargetGroupShoulddescribethenewdevicesAgroupusuallycontainsmanyrulesOneormoreareselectedwhenpreparingthetranslation,toenableflexibletranslationsonthefly
Context Forexample"interface"or"vlan"tolimitcontextspecificmatches
Source
Regularexpressiontomatchanexistingconfiglinelike"/interface(\d)$/"(if"interface"isusedascontextinotherrules,they'llbeaddedafterthisrule)Append_&&_regexptomatchcontextnames,e.g.adding_&&_/Fa([1-9]|1[0-9]|2[0-2])$/matchesonlyFa1-9,Fa10-19andFa20-22Ifyouappend_&&_USEPRIthepriorityoftheruleisused(nottheonefromthecontext),usefultomovealinefromacontexttotheglobalconfig
Destination Areplacementstringlike"interfaceFa0/$1"whereas$1,$2,$3replaceSourcematchesin()
Priority CanbeA-Ztodefinewheretheresultingconfigshouldbeplacedintheoutput
User NeDiuserwhoupdatedrule(atimestampisavailableforfilteringrulesaswell)
Clickon toduplicateallrulesforspecificsourcetypetoanewsourcetypeand/ordestinationgroup(onlyshownwithfirstruleofasourcetype)Clickon toeditaruleClickon tocopyaruleClickon todeletearuleClickShowtolistall,oravalueinthedefaultreporttolistspecificrulesClickDeletetoremoveallvisiblerules(usewithcare)YoumaywanttoexportthetranslationstableasgzipinSystem-Databaseforbackup
SpecialMethods
Herearesomeusefuladditionsforsettingsthatcan'tbeextractedfromthesourceconfigorhavebeenmappedtoothervaluesbyNeDi(e.g.location).IfnecessarythefunctionProTrans()atthebottomofDevices-Translator.phpcanbecustomizedevenfurther.
UseCase Description
DeviceIPaddressfromDB Theplaceholder%DEVIP%inthedestinationisreplacedbydevipfromthedevicestable
DevicelocationfromDB Theplaceholder%LOCATION%inthedestinationisreplacedbylocationfromthedevicestable
DevicecontactfromDB Theplaceholder%CONTACT%inthedestinationisreplacedbycontactfromthedevicestable
43
![Page 44: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/44.jpg)
DevicegroupfromDB Theplaceholder%DEVGROUP%inthedestinationisreplacedbydevgroupfromthedevicestable
GetVlansfromDB Use"VLANNAMES"assourceandsomethinglike"VLAN%VLID%name%VLANNAME%"asdestinationtolistvlansfromvlanstable(e.g.ifthesourceconfigisunusable)
GetinterfaceVlansfromDBUse"VLPORT-TAG"(or"VLPORT-UNTAG")assourceandspecifyaninterfacecontext.Entersomethinglike"switchportallowedvlanadd%VLID%tagged"asdestinationtolisttaggedvlansfromDBonthatinterface
Gettaggedvlansfromavlancontextandapplytoaninterfacecontext
Thismethodisabletoextractstatementslike"tagged1-10"withinavlancontextandmapittointerfacebasedconfigs(e.g.translatefromHPProCurvetoCiscoIOS)
Useamatchlike"/tagged(.*)/"assourceand"VLCONTEXT-TAG-ADD"asdestinationtoaddtaggedvlanstolistUseamatchlike"/untag(.*)/"assourceand"VLCONTEXT-TAG-DEL"asdestinationtoremoveTheninthe"interface"(orsimilar)contextuse"VLCONTEXT-TAG"assourceandsomethinglike"switchportallowedvlanadd%VLID%tagged
CopytaggedVlansfromaninterfacetoanother
EnterVLPORT-TAG-COPY(sourceinterface)insourceCommaseparatedinterfacelistindestinationAddVLCONTEXT-TAGasdescribedabove,ifyouhaven'tdonesoalready
Thisonlyworkswithnumericinterfacenamesatthemoment.Thereasonbehind,itwasspecifallydevelopedtounderstandZyxelconfigs.
44
![Page 45: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/45.jpg)
Devices-Vlans(VlanList)
Listsvlansandtheirrespectivenodepopulationonthedevicesforexample.
Bydefaultaemptyvlanreportwithalimitof1000isshown
45
![Page 46: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/46.jpg)
Devices-Write
Thisisaveryhelpful,butalsodangerousmodule!Alwaysusewithcaution,becauseyoucouldcreateabigmessratherquickly!
ThismoduleletsyousendCLIcommandstodevicesandreviewtheoutputinstantly:
Usefiltertoselectthedesireddevices.Entersomecommandsinthe"Execute/Configuration"areaClick"Show"tosimulatetheprocessClick"Execute"tosendthecommandsClick"Configuration"toenterconfigurationmodebeforesendingthecommandsandsavetheconfigurationafterwards.OnIOSordevicesdevicewithsimilarinterfacenamesyoucanusethe"InterfaceConfiguration"sectiontoconfigureaninterfacerange.Onlydevicesofthesameoperatingsystemcanbeusedatonce.MakesureyouadjustGUIauthentication(towardstheendofnedi.conf)tofityourneeds.Ifyou'reunsureaboutthiswholething,deleteinc/devwrite.pltocompletelydisablesendingcommandsviawebinterface!
46
![Page 47: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/47.jpg)
Monitoring-Events
Incomingmonitoring,discoveryorsyslogeventsandsnmptraps(ifenabled)arepresentedhere.Severalfilteroptionsallowyoutoexamineproblemsveryefficiently.Usethearrowkeys(beneathshow)topagearoundinyourselection.
MACandIPaddressesprovidedirectlinksforfurtherinvestigation(e.g. )EventscanbeacknowledgedbyclickingitsId.Thelevelbackgroundturnsgreyandtheirlevelisdividedby10Basedonthefilteryougetnewshortcuticonsforfurtherinvestigation
Conditionsinvolvingcriterias(e.g.locationorcontact)fromthedevicestable,cannotbeusedtodeleteeventsduetoqueryrestrictions!
EventClasses
Classesrevealthecauseandsourceofanevent(likesyslogordiscovery)Classesarerepresentedwithaniconandamouseoverdescription
EventLevels
Image Level Name Description
<30 - Anyacknowledgedeventisdividedby10(imageshowsanacknowledgedeventwithalarmlevel)
30 Other Unspecifiedlevel(e.g.fromunknownsyslogsources)
50 Info Informationalandgoodnews
100 Notice Youmightwanttolookatthis,iftimepermits
150 Warning Youprobablyshouldlookatthis...
200 Alert Definitelylookatthis!
250 Critical Seriouscondition,fixitnow!
47
![Page 48: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/48.jpg)
Monitoring-Health
IfyoudouseNeDi'snetworkmonitoringfeatures,thisisthemoduletojustleaveopeninabrowser.
It'llrefresheveryminutetoalertyou(withoriginalwww.PSI.chsirensounds!),ifsomethinggoesdownIfyoudrilldownintolocations,themessagesandeventswillbefilteredaccordinglyAmobileversionwithoutgraphsandsessionmanagement(nologinrequired)canbeaccessedwithmh.php(deletethisfile,ifyoudon'twanttoallowthis)
Topsection:
DisplaysoverallnetworkconditionThesizeofthegraphscanbeset(orturnedoffaltogether)inUser-ProfileTargetavailability,excessivetrafficorerrorsoninterfacesExceededCPU,memoryandtemperaturethresholdsofdevices
Eventsection:
Somestatistictotheleftandimportanteventswithinthelast24htotherightareshownbydefaultAdjust#topeventsinUser-Profile(<6showslessstatistics,<3noeventsatall)AnyeventcanbeacknowledgedbyclickingitsId(internallydividingitslevelby10;acknowledgedeventsreceiveagraybackground)
Topologysection:
WorksjustlikeTopology-Map,providingoperationalstatusoflocationsinadditionFailednodesandnon-SNMPinalocationareshownwith ,butdon'taffectthebackgroundAshadedbackgrounindicatesthatnotallSNMPdevicesaremonitoredinalocationEventswithalevelof250causearedflagtoappearontherespectivelocation(acknowledgingitremovesflagfromlocation)Adjust#columnsinUser-Profilefityourscreen(settingitto0hidesthissection)
48
![Page 49: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/49.jpg)
Monitoring-History
Analyzeeventsovertimetodiscloseabnormalbehaviourinthepast.
UsethefiltertonarrowdowntheeventsSelectstartandendpointandthegranularityforyouranalysisGrouptheeventsbylevel,sourceorclassTheoutputformatcanbebarsorinterfactivegraphs
49
![Page 50: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/50.jpg)
Monitoring-Incidents(IncidentList)
Anincidentiscreatedwheneveradevicedidnotrespondfor'uptime-alert'times(seenedi.conf).Hereyoucanacknowledgeandclassifythemforfutureanalysis.
OnceyouknowwhathappenedselectanappropriatecategoryandentersomeinfoYoucanfilteronacategoryoractiveincidentswheretargethasn'trecoveredyet
Theeasiestwaytoacknowledgeaheapofnewincidents:
1. Setfilterto"new"2. Enteradescription,whereapplicable3. Selectclass(eventdisappearsasyoufilteronnewones)
50
![Page 51: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/51.jpg)
Monitoring-Map
ThisisanalternativetoMonitoring-Health,displayingdynamicnetworkmapsonvariousdashboards.Alternativelyyoucanaddlocations(atleastthebuildings)inAssets-Locedandusetheircoordinatesforinteractivemaps.
Setting"NoGraphs"inUser-Profilehidesthechartsontop(othersizesaffecttheirsizeandthepreviewsintheeditor)ClickmaintitletohidethesectionuntilrefreshClick tohidethesectionforentiresessionLookatthePHPcodefortweakingthedefaulttimeouts
AddingNeDiMaps
1. CreateapngmapinTopology-Map2. Click"Monitor"whenfinished3. GotoMonitoring-Mapandclick toaccesstheeditor
Thereare6groups(A-F)whichrotatethroughtheassignedmaps(change/refreshevery10s)Thereare6groups(a-f)whichdisplaytheassignedmapsatonce(refreshwithreloadofpage,every180s)TheprioritydeterminestheorderofthemapswithinagroupClickon or toeditorcopyamapviaTopology-MapIfyousetaccesstoall,themapwillbevisibletootherusers,allowingforcopyingitintotheirownviews
AddingGeoMaps
1. Click toswitchtotheinteractiveGeomap2. Eachflagrepresentsaregion(clickonetheseeit'spopupmenu)3. 'FilterMap'zoomsintotheselectedregionanddisplaysit'scities4. Ifyoudidn'tcreateregionorcitylocationsinLoced,it'llplacetheflagononeofitschildren5. Click onthebottomtoshowallbuildings(withcurrentfilter)6. Click todisplaysiteswithbrokentargetsonly7. Click whenfinished8. Entereditorwith toadjustthesize(100%=FullHD)9. Ifyouwanttoshowseveralmapsputthemindifferentgroups(1-9)
AddingRRDGraphs
1. SelectgraphsandtheirsizeinDevices-Graphs2. Selectgroupwheretheyshouldbeaddedto3. ClickShow
51
![Page 52: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/52.jpg)
Monitoring-Master
ThemasterconsoleisintendedforuseonacentralNeDihost,whereonlythemaster.pldaemonisrunning.AllotherGUImodulesexceptDevices-List,Devices-Status,Reports-MonitoringandMonitoring-Eventsshouldbedisabledtoavoidconfusion.InadditionauniquethemeshouldbeselectedtofurtherdistinguishthishostfromregularNeDiinstallations.
Setup
1. AddremoteNeDiinstallationstotheagentlistandaddtheusernamesandpasswordstoaccesstheminnedi.conf2. Runmaster.plfromSystem-Services(onlyvisibleifMonitoring-Masterisenabledinnedi.conf)3. GotoDevices-Listandadddetectedagentstomonitoring(NeDiagentsaretreatedasdevices)4. GotoMonitoring-Setupandselecthttporhttpsastest ,totellmaster.plhowtoaccesstheagents5. Youcanaddapathlikenedi/astestoption ,ifnediisnotaccessibleintherootpath6. GobacktoSystem-Servicestorestartmaster.plorwaitfora'pause'intervalltogettheagentspolled
Operation
Uponfirstaccess,master.plreadsthelasteventwithlevel200(alert)oraboveandallunacknowledgedincidents.Onsubsequentrunsonlynewalert-eventsareread.Incidentsareremovedfromthemasterconsole,ifthey'reacknowledgedontheagent.Monitoring-Mastershowsthoseeventsandincidentswithquicklinkstotherespectiveagents.
52
![Page 53: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/53.jpg)
Monitoring-Setup
Configurehowtargetsaremonitoredandhowusersarenotifieduponafailure.TheconceptofMonitoring-Setupistousethefilterinordertoapplysettingstoasingleormultipletargets.Ifyoudon'tsetafilter,alltargetsareupdatedatonce.
Filter
Usethetemplates(iconsabovefilter)orclickonthelinksofTarget(tomatchasingletarget)Clickingonatesticon(e.g. )executesamonitoringtestonthistargetClickingonAlertorEventsAction(e.g. )fromthelistappliesitasfilter
Monitor
DefinetheTest (Shouldbeuptimeforallswitchesandroutersalready)Settingitto"No"skipsactivepolling.Canbeusedasmaintenancemodeorifyoujustwanttosetevent-actionsordiscoverythresholdsonadeviceSelecticmpifTCPpingdoesn'tworkonatarget.Enter#ofpacketsin ,ifyouwanttosendmorethan1Testhttp/https:Youcanenterastringlike"index.html"in andaregexpmatchingasuccessfulresponsein .OnlyaSYNcheck(TCPpingonport80)isperformed,ifyoudon'tTestdns:youcansendahostnameandaregexpmatchingtheexpectedIPaddressTestntp:youcansendRFC2030fieldslike"Stratum"andenteramatch [̂1-5]$todetectifyourntpserverlostsyncClicking"Update"appliesthesettingstothedisplayedtargetsClicking"Delete"removesthedisplayedtargetsfrommonitoringSelectemailorSMSalerts,justhaveincidentscreateMonitoring-Eventsornothingatall.Ifyouselectarepeatoption,thealertisresentevery100thfailedtestTheLatencytextboxallowsforchangingthelatencythresholdforindividualtargetsClickon tosimulateanouttageofthefirstmonitoredtarget
Events/Threshold
Youcanforwardeventsasemailsbasedontheirlevelorcontainedtext:
WithForwardinthefirstboxselectaminimumeventlevelWithForwardinthefirstboxenteraregexpastheFilterAlternativelyyoucanselectDiscard,amaximumeventleveland/oraregexpandmatchingeventswillnotevenbestoredintheDB(LevellimitcanonlybeusedtoforwardORdiscardbutnotboth)SettingaregexpforMaximumraisesmatchingeventstolevel250(Emergency)andshowsthosewithinthepast24hinMonitoring-Health(usefultoidentifyfailedpowersuppliesorstackmembers)Thenotifysettingsfromnedi.confcanbeoverriddenforeachtargetinthe"DiscoverNotice"fieldToclearanyfitlerentera"-"byitself
Reset
Setsdependencyinfo,ifavailablevialinksordeviceinformation(incaseofnodetargets).Afterthat,thedependenciescanbeadjustedoneachtargetindividually
UpdatestargetIPaddressfromdevicesornodes(incasethey'vechanged,there'sa iconinthetargetstatus)
Resettheavailabilitycounters(lost&ok)onceayearifyouneedtoknowannualavailabilityforexampleAyellow/shadedtargetstatusindicatesthatitsnotfoundasnodeordeviceanymore(andshouldprobablybedeleted)
53
![Page 54: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/54.jpg)
Nodes-Create
CanbeusedtocreateVMsonanESXhypervisor,ifSSHaccessisenabledandcredentialsareset
SelecthypervisorandVMtobeusedastemplateEnteratargetnameSpecifynumberofCPUs,memoryanddisksizeEnterfullpathandfilename,ifyouwanttoinstallfromaISOimageClickshowtoreviewtheVMconfigandAddtocreateit
CLITips
IfpoweringonaVMdoesn'tprovideanyresult:vim-cmdvmsvc/message(vmid)
Ifmessageaskforananswer:vim-cmdvmsvc/message(vmid)_vmx11
Ifaprocessgetsstuckandyouget"Anothertaskisalreadyinprogress"error:Determineidofprocessinquestion:esxclivmprocesslist
Thenkillit:esxclivmprocesskill--type=force--world-id=(id-from-above)
ShrinkthinprovisionedHDDimage(zerofillunusedspacefirst)vmkfstools-Khdd.vmdk
54
![Page 55: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/55.jpg)
Nodes-List
Listnodes,correspondinginterfaces,theirgraphsandavailableservicesforexample.
ThenodestablewithMAC-interfacesmappingsisthebaseforthismodule.ItscombinedwithIP,IPv6andDNStables,whichmayresultinmanyentries,ifseveralIPaddressesarefoundforaparticularMACaddress.Ifyoulistrealtimeservices,makesureyoudon'tmatchtoomanynodesasitwilltakealongtimetoscantheopenports.ClickingontheNICvendoricontakesyoutoNodes-Statuswhereyougetallnodedetailsataglance.Youcanaddthedisplayednodestomonitoring(testingwithaTCPpingbydefault).Bydefaultthe"NodeSummary"reportisshown
Conditionsinvolvingcriterias(e.g.locationorcontact)fromthedevicesorinterfaces(e.g.IFalias)table,cannotbeusedtodeletenodesduetoqueryrestrictions!
55
![Page 56: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/56.jpg)
Nodes-RogueAP(RogueAPList)
Thisisanapproachtodetectpotentiallyrogueaccesspointsfromthewiredside.AllnodesarecomparedagainstalistofMACaddresssamplesfromconsumeraccesspoints.
Check'Population>1'toonlyshowmatcheswhereseveralnodesarefoundonaportwithmatchingMACsample
56
![Page 57: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/57.jpg)
Nodes-Status(NodeStatus)
ThisistheDevices-Statuscounterpartfornodes.Itdisplaysthenoderelevantinformationontheleft,deviceandinterfaceontherightwiththeconnectioninbetween.
You'dusuallylandherecomingfromothermoduleslikeNodes-List.Alternativelyyoucanenter/pasteaMAC-addressinanycommonformat(groupedby-or.or:orplainHEX)IfyouneedtheMAC-addressinaCLIwindowofadevice,simplycopytheappropriateformatshown
ViewsyslogeventscontainingthisMACaddressCreateaMACpolicy(e.g.markthisnodeasstolen)Allowsadministratorstodeletethenode
ClickingonthenetworkiconofanIPaddressrevealsacontextmenu:
ViewsyslogeventscomingfromthisIPGototheToolboxwiththisIPSendWakeonLanpacketsProvisiondeviceusingentryfromDevices-InstallIdentifieshostandavailableservicesDiscoverasanSNMPdevice
57
![Page 58: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/58.jpg)
Nodes-Toolbox
Somenoderelatedfunctionstotroubleshootproblems.
BydefaultclientcustomizationsforbetterinteroperabilitywithNeDiareshown.Ifyou'reaccessingitfromaclientinthefield,thismightbeofinterestaswell:
Downloadkitty.exetoaccessdevicesusingtelnetorSSH.Downloadiperf.exetotestnetworktrhoughput(requiresenablingtheserverinSystem-Services,oranother
iperfserversomewhereelse).
58
![Page 59: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/59.jpg)
Nodes-Traffic
ThisisthemainNetflowmodule.Knowledgeaboutnfdumpandthetcpdumpfiltersyntaxishelpfulhere.
Thenetflowdatauseslocalunixtimestamps,whicharenotadjustedtotheclient'stimezone,ifdifferent!
Thefirstselectboxletsyouselectthecolumnstobeaggregatedby(defaultstoproto,src/dstandsrc/dstport)The2nddeterminessortingThe3thletsyouselecttheflowsource(s)Thetextboxallowsforusingafilter(sometemplatesabove)IPsarecheckedagainstdns,arp,nodes,networkanddevicestablesandsetaniconaccordinglyTheslideradjuststhestarttime(canbesetwithdatepickerbydoubleclickontimefield)Youcanaddagraphlikepiechart,sankeyorRRD(latterisnotadjustingtodisplayedtraffic)Enablingnamelookupwith usesdnsandwhois(storingtheresultinthenetinfotable,whichcantakeamoment)Clickingonthesourcesanddestinationscyclesthefilter(src/dstip,ip,src/dstnet,net)forquickchangesCreateanalertpolicyfromanappliedbyfilterbyclickingthe icon(requiresSystem-Policy)
59
![Page 60: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/60.jpg)
Other-Calculator(IPCalculator)
Subnetcalculatorforsub-andsupernetting
Check"DBComparison"tofindusedandunusedaddressrangesAtableofsubnetscanbeexportedtoXLSforfurtherprocessing
60
![Page 61: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/61.jpg)
Other-Converter(NumberConverter)
Averysimplenumberconverter,whichcanbehelpfulinfindingthecorrectOIDswithDef-Editor:
PasteOIDsorstringcontainingHEXordecimalnumbersandclickShowThevaluesareshownindecimal,HEXandASCII
61
![Page 62: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/62.jpg)
Other-Defed(DeviceDefinitionEditor)
Generatethoseinfamous.deffileswiththehelpofthismodule,tomakethemasaccurateandreliableaspossible.Emailmetheresulting.deffilesbyclickingon ,ifthey're100%workingandI'llincludetheminthedistribution.
You'dusuallyclickonasysobjidcolumnofanunknowndeviceinDevices-Listor inDevices-Status.ThiswilladdanIPaddressandSNMPcommunityalongwiththesysobjidyouwishtotakecareof.
Incasea.deffileexistsalready,it'svalueswillbefilledintotheform.
The buttonsubmitsIPandcommunity,readstheexisting.defandmarksthesysobjidtobeusedassourceforanunknowndevicewithnosuitablesource.defswithinrange.
Incasea.defexistswithit'slastsysobjiddigitwithin-+10ofthechosenone,it'llbeaddedtoalistofpotentialsource.defs,whichcanbecopiedastemplate.(apreviouselymarked.defappearsassourcewithgreenbackground,ifnonewerefound).
Here'ssomeusefulinformationonSysobjids:Cisco
It'salsorecommendedtowatchtheDefGenTutorial!
Hoverovertheinputfields,togethintsonwhattofillin.Findthemostofficialtype(there'susuallyastickerwithabarcodesomewhere).SelecttheiconaccordingtotheGUIdocsontheNeDiHomepage.Contactme,ifyouneedanewOSselection.SomevendorsusevlancommunityindexingtogetBridgeforwardinginformationontheswitches.Somevendorsusetwicethebandwidthtoindicatefullduplex.Justuse'doublespeed'askeywordforIFDuplex.OnlypopulatetheAlias-Duplex-andVlan-Indexfields,ifthey'renotthesameastheinterfaceindexes.IfMAUtype(1.3.6.1.2.1.26.2.1.1.11)isused,noactualduplexvaluesarerequired.Usemodifierstomultiply/dividetemperatureandmemoryifnecessary.Thelatteralsoaccepts%ifthevaluereflectspercentageofavailablememoryor-%inthecaseofusedmemory.Addan"N"toanOID,ifofthelastnumbercanvaryforCPUortemperature.Add1-xtobootimage,iftheinfoisspreadacrossseveralOIDs(e.g.Zyxel,ESXi)UseanegativecustomthresholdtoalertifresultislessthanthresholdOnceyoustarteditingthetextarea,theinputfieldsabovewillbelockedtopreventaccidentalinput.
62
![Page 63: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/63.jpg)
Other-Flower(FlowerOpenflows)
Openflowisastandard,whichallowsforacontrollertodirectlymanageflowtablesonswitches.ThisformsthefoundationofSoftwareDefinedNetworking(SDN)andcanbeusedtobuildfirefwalls,loadbalancersandalotmorethatwecan'teventhinkof,yet.
ThismodulemakesiteasytocreateandremovestaticflowsonsuchanOpenflowcontroller(rightnowFloodlightissupportedandtested).
SetthenameorIPaddressofyourcontrollerinthe$flcvariableatthetopofthephpcodeorsimplycallitwithOther-Flower.php?flc=CONTROLLERAllswitchesmanagedbythecontrollershowupwiththeirflowsinalistonthebottompart.Hoveringovericonsandinputfieldsrevealtheirpurpose.IfOther-Flowerisenabledinnedi.conf,you'llseeitsiconinNodes-List'sMACandIPaddressfields,whichletsyouquicklyaddnewflowsbasedonthemTopushanewflow,enteranameforitandapriorityifdesired.Definethefiltertomatchpacketsbasedoningressport,source/destMACorIPaddressorUDP/TCPports.You'llneedtoadd0x800asEthertypeand6asprotocol,ifyouwishtomatchTCPpacketsforexample.Nowsetanactiontotake,whichcanbeadestinationinterface,vlanandevenmodifyingMACorIPaddressorport.Ifyoudon'tspecifyanaction,thematchingpacketwillbedropped.Selecttheswitchesfromthelistbelow,whereyouwanttoinstalltheflowonandclickAdd.
63
![Page 64: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/64.jpg)
Other-Info
Simplewrapperforphpinfo();
64
![Page 65: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/65.jpg)
Other-Invoice(InvoiceGenerator)
Here'sawaytofinanceNeDi'sdevelopmentinformofanannualcontributionbasedonthesizeofyournetwork:
Enteryouraddress,acommenttoinformpurchasingwhatit'sforandclickupdateDeselectcheckboxes,ifyoudon'twanttopayfortherespectiveitemsselectacurrencyandclickonthe"Print"iconthecreateaninvoiceTheresultinginvoicecanbeprintedbyclickingontoplefticon
THANKSINADVANCE!
65
![Page 66: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/66.jpg)
Other-Noodle(NoodleSearch)
Thisisasimplesearchtool(Google-likeNeDiSearch)tofindstringsinthewholedatabase.It'susuallycalledbythe"FindIT"boxintheheader
66
![Page 67: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/67.jpg)
Reports-Combination(CombinationReports)
Thismodulecombinesactualreportsfromtheotherreportingmodulesinordertoprovideenhancedviewsonspecificaspects:
1. Assetlistsalldevicerelevantinfoandthedistributionofmoduleswithin2. Populationshowshowthenodesaredistributedacrossyournetwork3. Monitoringsummarizeseventsandincidents4. Errorlistsduplicatesthatshouldn'tbe,IFerrors/discardsandlinkmismatches
67
![Page 68: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/68.jpg)
Reports-Custom(CustomReport)
Thismoduleallowsforcreatingcustomizedreports.Someknowledgeabouthowdatabaseswork,ishelpfulhere.
TheDevicetableisusedasbaseforeveryreportSelectanothertable,ifyoudon'tjustwanttolookatdevicesDefineafilter(upto4conditions)Select(multiple)columnstogrouptheresultsbySelectacharttypetobedisplayedontopUselocationlevelincombinationwithlocationcolumnstogrouponcitiesforexampleUsethetemplateiconsforquickexamples
68
![Page 69: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/69.jpg)
Reports-Devices(DeviceReports)
Reportsfocussingondevices,theirconnectionsandconfigurations.
TypeDistribution Distributionofdevicevendorsandtypes
ClassDistribution Distributionofdeviceclassesandtheirservices
SWDistribution Distributionofoperatingsystemsandsoftwareversions
DuplicateSerial# Duplicateserialnumbersofdevicesandmodules
DuplicateIP DuplicatemgmtIPaddressesofdevices
GroupDistribution Devicegroupandmodestatistics(canbeVTPrelatedorAPgroupsinWlancontrollers)
Configuration CLIdevicesmissingconfigandconfigswithoutchanges
DevicePoE TopPoEbudgedsandtheirusage(basedonPower-EthernetMIB)
DiscoverHistory Discoverhistory,whereeachcoloumnislimitedindividually(usefiltertonarrowdownthetimeframe)
DeviceConnection Unlinkeddevicesandundiscoveredneighbors
ConnectionErrors Linkmismatchesbasedondiscoveryprotocolinformation
69
![Page 70: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/70.jpg)
Reports-Interfaces(InterfaceReports)
Interfacereportsprovideinformationontheperimeterofyournetwork,butalsorevealinternalproblemsormisconfiguration.
Summary ShowsTopinterfacetypesandrespectivestatus
Traffic,Errors,DiscardsandBroadcasts
liststhebusiestandmostproblematicinterfacesofyournetwork.Check'AlternativeSort'totakeIFspeedintoaccountofthetrafficstatsandtheactualtrafficfortheerrors.'Optimize'usesabsoluteerrorsratherthanthoseseenwithinthelastdiscoveryperiod
PortAvailability Revealswhichswitchescanbereplacedbysmalleronesorwhicharegettingreallyfull(basedonrecentingresstraffic).'Optimize'restrictsthisstatistictobridgesandethernetinterfaces
PortDisabled Quicklyfindthatinterfaceyoudisabledaweekago,becausesomeinfectednotebooktriedtoattacktherestofyournetwork
PoEStatistics Displaystoppowerdeliveryperdeviceandinterfaceaverage,basedonperinterfacePoEinformation(e.g.fromdiscoveryprotocolorinterfaceMIBs)
VlanDistribution
Generatesavlanmatrix,showingnumberofuntaggedportswithanicon(1,2and3ormore)andnumberoftaggedportswithbackgroundcolor(shaded,ifuntaggedportsarefound)
70
![Page 71: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/71.jpg)
Reports-Modules(ModuleReports)
Needtoknowhowmanymodulesofakindyou'vegot?Thisreportalsohelps,ifyouneedtogenerateaHWinventoryforsupportcontractsbasedonserialnumbersetc.
Distribution Presentsanoverviewofwhichmodulesareinstalledinwhichdevices
Inventory Generatesacompletelistofdevicesandtheirindividualmodules
Printsupplies Listsprintsuppliessortedbyavailabilityorlocation(tomakefillingthemupeasierfortheguywhohastogotoeveryprinter)
VirtualMachines ListallhypervisorswithallocatedVMs,CPUsandmemory
71
![Page 72: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/72.jpg)
Reports-Monitoring(MonitoringReports)
Generalmonitoringstatisticslikeavailability,eventsourcesandincidentsandhowthey'reacknowledged.
AvailabilityDistribution Statisticsoftargetsandtheirlocations
LatencyStatistics Last,averageandmaximumlatencyoftargets(inaccurateatthemoment,sorry)
UptimeStatistics Listdeviceswiththehighestservicetime
EventsDistribution Statisticalbreakdownofevents,theirlevelsandsources
IncidentGroup Distributionanddurationofcathegorizedincidents
IncidentDistribution Distributionofincidentsacrosstargetsandtheirlocations
IncidentAcknowledge Acknowledgestatisticsandtimeperuser
IncidentHistory Logincalendarformto"spotpatterns"(optimizerevealsdetailedview,increaselimitformoreyears)
72
![Page 73: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/73.jpg)
Reports-Networks(InterfaceReports)
FindhownodesaredistributedacrossyourIPrangesorhowsubnetsarebeingused.
NetworkDistribution
Listsdiscoverednetworksandtheirusage.ClickoptimizetoverifyallinterfaceIPsandprefixesondeviceswitheachother
NetworkPopulation
Showsallsubnets(</16)andmapsIPsofnodes(green)anddevices(blue)orboth(yellow)intotheaddressspace.EmptyDNSentriesshowupred
73
![Page 74: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/74.jpg)
Reports-Nodes(NodeReports)
Reportsfocusedaroundtheanythingconnectedtoyournetwork.
Summary Nodestatisticsataglance
NodeDistribution Distributionofnodesbyportanddevicetodetectunmanagedswitchesorhubs
DuplicateNodes Showsduplicatenodenames(e.g.havingaWlanandEthernetconnection)orMACaddresses
NodeAddress ShowsduplicateormultipleIPaddresses
OS&Services ShowtopnodeOSandtypestatisticsifnodesareidentifiedwithNeDi'sscanfeature
Nomads IPandIFchangesmultipliedyieldNeDi'snomadfactor,anindicatorforthosewhoseemtotravelalot
DiscoverHistory
Thishisorycanrevealmajorchangesorproblemsinyournetwork.Eachcoloumnislimitedindividually(usefiltertonarrowdownthetimeframe)
EmptyVlans Unpopulatedvlanscanbeidentifiedandeventuallyremoved,ifnotneededonparticulardevices
74
![Page 75: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/75.jpg)
System-Database
BackupSQLtables,performDBmaintenance,exportconfigurationsastextfilesorothertablesasCSVfiles.BydefaultthecompleteDBstructureincludingnumberofrecordsisshown:
Quicklyview(thefirst1000)entriesofatablebyclickingonthe ,ifshownOptimizeatablewith orrepairwithDeleteallrecordswith
Execute
Selectaqueryfromthe"--DBList--selectbox.EntriesbeginwithsimpleSELECTstatementstodisplayentiretables,butalsocontainmaintenancetaskstowardsthebottom"ConfigurationBackup"simplyaddsaquerytoselectallconfigs,butcreatesadownloadablegziparchiveaswellAllotherselectstatementslisttherespectivetablecontents,whichcanbedisplayedasCSV(withdestinationsetto"plain")
changesIPaddressesandtimestampstoahumanreadableformatandaddsatimestamptothearchivename,ifdestinationisGziporBzip2Bzip2needsmoreresources,butgenerallycreatessmallerarchives.Dependingontheamountofdatayou'redealingwith,themodulerequiresmorememoryortimetofinishprocessing!
SQLDump
Select(holddownCTRLformultiple)tablestobeexportedinSQLformatTheresultingfilecanbeimportedagainviaSystem-Files,ifDestinationwassettoGzip
75
![Page 76: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/76.jpg)
System-Files
Thismodulesprovidesthefollowingmajorfeatures:
1. Edit/Viewsystem,deviceconfigurationandnedilogfiles2. ImportSQLdataorupdateNeDifiles3. Managefilesinhtml/log,map,topoandtftpboot4. ManageCLIcommandfilesandinstalltemplates(seeDevices-Install)5. DeleteoutdatedRRDs(olderthanretireinnedi.conf)tofreeupdiskspace
Editor/Viewer
Simplychoosethefileyouwanttoeditandclicksave,whenyou'redone.Youcanonlyeditfiles,whicharewritablebythewebserver.Adeviceconfigurationcanbewrittento"tftpboot"andusedforPXEprovisioningWheneditingnedi.confornodi.confyoucanclick forthepasswordencryptionpop-upClickon tocreateanewinstalltemplatesorCLIcommandfiles
Import/Update
Select"ImportDB"anduploada.sql.gz(packed)filewhichwillreplacetheDBdata.YoucanrestoredumpscreatedwithSystem-Exportforexample.CreateandactivateasnapshottoadddatafromanotherNeDisystemSelect"UpdateImage"anduploadanarchivewithalternativeusericons(usr/0-99.jpg)ordevicepanels(panel/devtype.jpg)Uploadanedi.tgzarchiveandchoosewhetheryouwhishtobackupyourexistingconfig(checkforcompatibilty!)ornot(e.g.forpatches)
ManageFiles
Uploadfilesintheapropriatearea.Filesinhtml/logcanbeaccesseddirectlybyclickingonfilename.DeletefilesbyclickingonFoldersinthetoposectioncanbeselectedtouploadabackground.jpgorotherfilestothislocation.TheycanbeusedbyTopology-Mapas"geo"mapbackgroundsorTopology-TableandAssets-LocationfordocumentationClickon tocreateanewfilein"tftpboot"forPXEprovisioning
76
![Page 77: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/77.jpg)
System-NeDi
Executenedi.plfromtheGUI.Themodulecanbeusedtoperformthefollowingtasks:
1. Bydefaultthehelpisdisplayed,whichrevealsoptionsandtheoutputlegend2. Definitionsshowsallavailable.deffiles,sysobjidsarelinkedtoDef-Editor3. Discoverwillactuallyfinddevices4. ServicesscansforcertainopenportsongivenIPaddressesandusestheanswersforhostidentification5. Initdropsandrecreatethewholedatabase,butdoesnotremoveanyconfigfilesorRRDs
Doubleclickintheoutputareatohaveitturnyellowandscrolldownautomatically.Doitagaintoturnthisfeatureoff.
Discover
ThisisNeDi'score.Youcanusethismoduletodeterminethebestwaytodiscoveryournetwork.Onceyou'vefoundtherightoptions,copythecommandabovetheoutputandputitincrontabviaSystem-Files.Thereareseveralapproachestodiscoveranetwork.Firsttherightmethodtousethesourcesneedstobefound:
1. Don'taddanyIPstotheseedlistandcheck"Protocol".ThisdiscoversthedefaultgatewayoftheNeDihostandanyneighborsviaCDPorLLDP
2. Ifyouhavefirewallsorother"hurdles"separatingyournetworks(notsupportingCDPorLLDP),youneedtoaddaseedforeachisland
3. Useastaticseedlistanddon'tuseanydiscoveryprotocols4. Select"Address"fromtheSeed-selectboxandenterasingleIPorrangelike1.2.3,6,8.10-155. Alternativelyyoucanclick toselectDeviceswiththe'all'optiontodiscoveralldevicesintheDB6. Youcanalsouseaquerytoonlydiscoverasubsetandusecrontabtoparallelizethediscoveriesthisway7. Tofindmore"exotic"devices,addthevendorstringstoouidevinnedi.confandcheck"OUI".Discoverarouter
connectedtothosedevicesandthey'llbequeued8. Youcanuseroutetablesaslayer3discoverybychecking"Routes"
Thebehaviorcanbecontrolledwiththefollowingoptions:
SelectaConfigurationoptiontobackupdeviceconfigurationstoDBandtheconfigfolderClick toskipinterfaceinfo, toavoidgraphsor toignorenodes(anycombinationispossible,tospeedupthediscovery)Select"Version"toforceusinganSNMPversion(onlytesteduponfirstdiscoveryandthefirstoneworkingisstoredinDB)Check"Read"tore-testSNMPreadaccess(usefultorediscoveranexistingdeviceinconjunctionwith-V)Check"Write"tore-testSNMPwritecommunitystrings(onlytesteduponfirstdiscovery,canbeturnedofviasnmpwriteinnedi.conf)CheckFQDNtousecompletedevicenames.Otherwiseeverythingaftera'.'istruncatedasfqdn'scancausewronglinksNeDireliesonuniquedevicenames.CheckDevIPtousetheirIPaddressesinsteadSelectacommandfilefromCLI-Sendselectboxtohaveitexecutedoneachdiscovereddevice(seeSystem-Filesforcreatingthem)
DNSNames
SelectAddressfromtheSeed-selectboxandenterasingleIPorrangelike1.2.3,6,8.10-15CheckverbosetofollowtheprogressofthenameresolutionClickExecutetoresolveallnamesinthatIPrangeTheNetworkPopulationreportinReports-NetworksleveragesthisinformationtoshowunusedDNSrecordsforexample
77
![Page 78: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/78.jpg)
Services
SelectAddressfromtheSeed-selectboxandenterasingleIPorrangelike1.2.3,6,8.10-15AlternativelyyoucanselectNodesandenteraquerylikeoui~'intel'SelectPing(1-3stimeout)tomakesureanaddressisinuse(TCPechoisusedandmaynotworkonsomehosts)CheckverbosetofollowtheprogressofthehostidentificationThe'id'optionusesssh,sendmail,http,httpsandnetbiosforhostidentificationIfusedfromCLI,additionalportscanbecheckedlike-sid,3128,5900
78
![Page 79: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/79.jpg)
System-NoDi
Executenodi.plfromtheGUI.
NoDistandsfornode-discovery(refertotheNeDiGuideformoreinformation).Makesureyoueditnodi.confbeforeusingthismodule.
1. Bydefaultthehelpisdisplayed,whichrevealsoptionsandtheoutputlegend2. EnteranIPaddress/rangeorselectNodesandenteraSQLquery3. Selectausertoavoidtryingallavailableones4. Skipwhatyoudon'tneed5. Click"Execute"tostartdiscovery
Doubleclickintheoutputareatohaveitturnyellowandscrolldownautomatically.Doitagaintoturnthisfeatureoff.
79
![Page 80: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/80.jpg)
System-Policy
Thisisapremiummodule,onlyavailablewithNeDi+.Findmoredetailshere
Makesureyouunderstandhowpolicyactionswork!Youcandisableallnetworkinterfacesforexample,ifyoudon'tknowwhatyou'redoing!
Searchfor'safetyon!'inlibmisc.pmandtogglecommentingonthe2'$clistat'lines,ifyou'reconfident!
Thismoduleletsyoudefineconditionsondeviceconfigurations,neighborsorlearnedMACaddressesandtakeactionuponhitormiss.
Theclassofapolicydetermineswhereinthediscoveryit'sprocessed.Thisisimportant,ifyouwanttotakeactiononneighbornamesandlearnedMACaddressesforexample,asonlythelastmatchingpolicywithanactionwillbeexecuted.
Order Class Operator Description
1 NeighborName ~or!~ AftercollectingallLLDP,CDPorFDPneighborstheirnamesareprocessed
2 NeighborType ~or!~ Rightafterthenames,theirtypesareprocessed
3 MACAddress ~or!~ Aftercollectingthebridge-forwardentries(MACaddresstable)they'reprocessed
4 ConnectionBefore ~or!~ WhenwritingtheinterfacestotheDB,thepreviousconnectioninformation(linktype)is
processedtodetectchangesindeviceinterconnections
- Configuration ~or!~ Configurationsareprocessedwith-bor-Bx,butthispolicydoesnotdependontheothersabove
- PortConfiguration ~or!~ Configurationofinterfacecontexts(e.g.inconjunctionwith"ConnectionType")
- DeviceMonitor any
Addnewdevicestomonitoring.Ifyouenter-ornointarget,it'llbeaddedinmaintenancemode.CPU&Memthresholdsaretakenfrom.def,alertactionisappliedtotargetanddoesnotcreatealertsitself
- Total#ofMACs >or< Thispolicyreferstototal#oflearnedMACaddresses(includingthoseonuplinks).It
doesnotdependontheothersaboveasit'sevaluatedafterwritingnodesofadevice
-Packets,BytesandFlows
>or< Thosepoliciesareusedbyflowi.pl(onnfdumpfiles)allowingforalertsonexcessiveormissingtraffic
StolenNodes
1. Clickon inNodes-StatustocreateaMACpolicyofthatnode2. AdjustAlertsettingorinfotextandclickadd3. EverytimethisMACaddressisfound,you'llbenotifiedaccordingtothealertsetting
ConfigurationCompliance
1. Select"Configuration"fromtheclassselectboxandenterregexptomatch(e.g.'snmp-servercommunitypublic')2. Alternativelyyoucanchangetheoperatorto'!~'togetalertsonmissingconfigurationstatements3. Narrowdownthematchesbyspecifyingaregexpfordevicetype,locationorgroupforexample
80
![Page 81: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/81.jpg)
4. AdjustAlertsettingandinformationtextandclickadd
PortConfigurationCompliance
1. Select"PortConfiguration"fromtheclassselectboxandenterregexptomatch(e.g.'switchportmodetrunk')2. Alternativelyyoucanchangetheoperatorto'!~'togetalertsonmissingconfigurationstatements3. Narrowdownthematchesbyspecifyingaregexpfordevicetypeorconnection-type=Phoneforexample4. AdjustAlertsettingandinformationtextandclickadd
DeviceMonitor
1. Select"DeviceMonitor"fromtheclassselectbox,enter"-"or"no"astargettosettesttononeorspecifyatestlike"ping"
2. Ifyouleavetargetblankit'lldefaulttouptimeforSNMPdevicesandicmpfornon-SNMPones3. Narrowdownthematchesbyspecifyingaregexpfordevicetype,locationorgroupforexample4. AdjustAlertsettingforthemonitoredtarget(repeatoptionsarenotsupportedyet)andclickadd5. DependenciesarenotresolvedautomaticallyandshouldbeconfiguredinMonitoring-Setup
PoEPolice
1. AddaNeighborPolicywiththe"SkipAction"toallowPoedeliverytophonesorcontrolledAPs.2. AddaMACPolicytoeithermatch(~)onparticularaddressesorentera'.'tomatchany3. Narrowdownthematchesbyspecifyingaregexpfordevicetype,locationorgroupforexample4. OptionallyselectaninterfaceconditiontoonlytriggerifPoEwasactiveinthepreviousdiscovery5. Select'PoEDisabled'ActionandaddaresetpolicybyselectingatimeframeafterwhichPoEshouldbere-enabled6. Uponthefirstdiscovery,whenitstimestampisinthepast,theresetpolicyisexecutedtorestorePoEdelivery7. AdjustAlertsettingandinformationtextandclickadd
LinkAlerts
1. Adda"ConnectionBefore"Policyandenter"D$"tomatchregulardevices2. Selectthe"StatusChange"condition3. Alternativelyyoucanselectaconnectiontypetomatchthecurrentstatus(e.g.ifsomeonereplaceadevicewitha
phone)4. AdjustAlertsettingandinformationtextandclickadd
Traffic
1. InNodes-Trafficchoosecolumnstoaggregate(group),sorting,sourceandafilterthenclickShow2. TheSystem-Policyiconappears,clickit3. Setoperatorandathreshold,thenspecifyhowyouwanttogetnotified4. Thispolicycreateseventswithclass'sptr'(System-Policy-Traffic)usingitsidassource
GeneralTopics
Apolicycannotbeedited,butcopiedbyclickingon andthenaddedagainApolicycanbedisabledbyclickingon (andenabledrespectively)ApolicycanberemovedbyclickingonThe"SkipAction" withelistsaport,thusavoidsanyotheractiontobeexecutedYoushouldaddaresetactiontorecoverdisabledportsorre-enablePoEafteragiventime(they'readdedwithstatusnewandatimestampsetinthefuture,whentheactiontakesplace)Theresetactionisperformed,whenitstimestampisinthepastIfskippolor-ScontainsporFnoactionswilltakeplace,exceptthoseofresetpoliciesIfskippolor-ScontainsPpoliciesarecompletelyignoredThoroughlytestpolicieswithoutactionsbefore'arming'themwithoneActionsaresupportedonIOSandProCurvedevicesatthemoment(changedconfigisnotsavedtoflash)Incaseanerroroccuredwhilegettingdeviceneighbors,theskipactionisappliedtoconcernedinterfaces(inhibiingerraticactions)
81
![Page 82: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/82.jpg)
Theinformationtextisusedinevents,emailsandsms,butalsoservesascommentinthepolicylist(e.g.ifnoAlertisselected)Actionscommandsarewrittentopol_filesintheclifolderandcanbereviewedalongwiththeirlogsinSystem-FilesBydefaultapolicysummaryreportisshown
82
![Page 83: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/83.jpg)
System-Services(NeDiServices)
ViewprocessesandresourcesofyourNeDihostandstartorstopcertainservices.
ThetopsectionshowsandcontrolsNeDirelatedservices.Thelowersectionshowsallrunningprocessesandsomesystemstats.Clickon tostopor startaserviceThisonlyworks,iftheservicesdon'tneedtoopenanypriviledgedports(<1024).Ofcourseyoucouldrunthewebserverasroot,butthatcancreatesecurityrisks!ThereforeNeDi'sSyslog(syslog.pl)andsnmptrapdrunonhigh-portsandusuallyareredirectedbyaninternalfirewall.
Discovery
Dependingonthesizeandtopologyofyournetwork,itmakessensetorunseveraldiscoverythreadsatthesametime.
DothisbydividingthenetworkinafewsectionsusingbordersanddifferentseedfilesandaddcrontabentriesaccordinglyOnthefarrightyouseethediscoverystatus(#ofthreadsisrevealedbyhoveringoverIncaseadiscoveryterminatedunexpectedly,youcanresetitbyclickingon .
83
![Page 84: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/84.jpg)
System-Snapshot
Thismodulesletsyoutakeasnapshotofthecurrentdatabase.Thismaybeveryhelpfulforanetworkmigrationforexample,asyoucangobackintimeandexamineyournetworkprioranychanges
InadditionyoucanimportaNeDidatabasefromacompletelydifferentnetworkforreview,withoutaffectingyour"real"data.
AddingaSnapshot
Enterasuffixtoidentifyyoursnapshot.Bydefaultatimestampisfilledin.ProvideDBadminuser(usuallyroot)andpassword.Clickthe"Add"buttontocopythecurrentdatabasetothesnapshot(mighttakeawhile).
ActivatingaSnapshot
Thedatabaseusedinthecurrentsessionisindicatedby .Clickon inthesnapshotlisttoactivateeitherthemaindatabaseorasnapshot.The logoonthetopleftisreplacedby toremindyou,thatyou'reworkinginasnapshotnow.Hoveroverittorevealwhichone.Alarmsoundsandrrdgraphsareturnedoffaswelltoavoidanyconfusionuntilyouselectthemaindatabaseagain(usually'nedi').Youcanmanipulatedatainasnapshot,butitwon'thaveaneffectonthecurrentdatabase,sincethediscoverykeepsusingthemaindatabase.ThisappliesforimportingaDBwithSystem-Filesaswell,meaningyoucanactuallyimportacompletelydifferentdatabase
DeletingaSnapshot
Clickon todeleteasnapshot(onlyshownoninactivesnapshots).Afterconfirmationthesnapshotwillbedeletedanditsdiskspacefreedup.
84
![Page 85: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/85.jpg)
Topology-Linked(LinkEditor)
Editstaticlinkshere,ifthediscoveryprotocolsdon'tdeliversatisfyingresults.
Selectadevice,anyexistinglinksofthisdeviceareshownautomatically.Selectthedesiredinterface(greenindicateslink-statusisup)Dothesamefortheneighbour.Click'Add'tocreatethisandthereverselink.Bothlinksneedtobedeletedseparately,ifthey'renolongerrequired.Theright deletesthelinkandshowstheneighborforeasierdeletionoftheoppositelink.Selectthelinktype,ifyoujustwanttoseewhat'sintheDB.SelectIsolatedtoidentifylinks,withoutdeviceintheDB.Bydefaultthe"ConnectionError"reportisshown
85
![Page 86: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/86.jpg)
Topology-Links(LinkList)
Listlinksofthedevices.
Bydefaultthe"DeviceConnection"reportisshown
86
![Page 87: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/87.jpg)
Topology-Map
Thismodulewasintendedfordocumentationpurposes,eventhoughitfeaturesinteractivehandlingnow.Itcanalsobeusedtoobservetraffic,errors,broadcasts,discards,cpuusageortemperatureofdevices.Mapsarewrittenonaperuserbasistohtml/logorusedinMonitoring-Map.Uponaccessingthismodulethelastmapwillbedisplayedwithoutinteractivefeatures.
GraphsareonlydrawninPNGandonlyforthe1sttimethemapisgenerated,becausethey'llbedeletedafterwards.Thismaybeaproblem,ifyouwishtosavethepicture(screenshotalwaysworks,though).AlternativelySVGoreveninteractiveD3jsmapscanbecreated.Draganodetofixitonthecanvas.Doubleclicktoletitfloatagain."PNG"png"generatestruecolor,"8bit"generates256colorpngimagesrespectively.Theycanbeincludedinthecombinationreportorvariouslists.SVGisusedforvectordrawings,whichcanbeimportedbyotherapplications.Youprobablywanttouse"shapes"insteadof"icons"unlessyoucopythemintotherightplaceonthedestination.Hoverovertheinputfieldsandiconstogethints.Ifyouenabledynamic-edit(farrightwalk-iconabove"Execute"),themapwillberedrawnuponanyinputandfieldsaredisabledifthey'reofnousewiththecurrentsettings.ThisworksbestifthebrowsersupportsHTML5properly.TogetafeelforthisrathercomplexpartofNeDi,clickonthe iconsinothermodulestocreatemapsindifferentcontexts.A"bgmap"mapfindsthebestsuitedbackgroundimageautomatically.E.g.theregionalone,ifyou'reonlydrawingthe"Shire"regionandyou'veuploadedabackground.jpgtotopo/ShirewithSystem-Filesforexample.Assumingyou'veeditedthisregionwithLocedbefore,it'llnowusethecitycoordinates,you'veenteredtoputthecityicons.Ifyoudrawatbuildinglevel,they'llsimplybearrangedaroundthecitycoordinatesinaring.ClicktheMonitorbuttontoaddcurrentmaptoMonitoring-Map
Internallymapsarecalculatedusingpolarcoordinates(exceptin"layer"mode),whereeachlevel(e.g.acity)formsaring.Devicesarearrangedbasedontheirneighbors.Thisdoesnotalwaysworkout,butgenerallyyieldsacceptableresultsaftersometweaking.Thefollowingsectionsexplainhowthisisdone.
Filter
Layermode:The4fieldscorrespondtocore,distribution,accessandaccess2layersandselectdevicesforeachdesiredlayerAllothers:Sameasthefiltersectioninthelistmodules
Main
TitleofMapSize(canbeadjustedinURI)andoutputformatofmapForhierarchicalmapsuse"bld"(drawsbuildingswithfloors)or"ring"(drawsbuildingsascircles).Thisletsyoudrawregion,cityorbuildinglevelmapsleveragingNeDi'sSNMPlocationscheme.The"bgmap"typereliesuploadedbackgroundsandinformationyou'veaddedwithLocedAlternativelyyoucanselect"flat"whichstillgivesyoutheabilitydrawmapswithoutanylocationawarenessbutdisplaynon-SNMPdevicesorevennodes
addsanadditionalconditionstofilteronSNMPdevicesonlydefinesthecenterofyourmap
Rotatemapattop,cityorbuildinglevel(shiftlayersonX-axisin"layer"mode)
Layout
defineshowlinksarepresented.Lengh/leveldetermineshowmuchshorteralinkbetweenbuildingsisgoingtobethanalinkbetweencitiesforexample.Thenextfielddefinestheoffsetfromthelinkendpointforinterface
87
![Page 88: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/88.jpg)
information(ifdisplayed)lengthsetsthetop-levellinklength(canbelookedatzoom-leveltoo).They'redrawn"straight"asdefault,but
sometimesyou'dpreferan"arc"LinkInformationcanbebandwidthorevenaRRDgraph.Itcanbemovedawayfromthecenter,ifitgetsinthe
wayofotheritemsdefineshowmap-nodesarerepresented.Positivenumbersusethepositioninthetopology,negativejust
numberofneighborstodetermineitsdistancefromthecenter.In"layer"modethisonlysety-amplitudeforaccesslayeralternating
Floorsizesetsthebuildingsizewhenactualdevicesaredrawninhierarchicalmaps.Thisvaluecanbeassmallas8if"TinyShapes"isselectedabovetogenerateabird-eyeviewofyournetworkColumnsletsyoucontrolhowwidethosebuildingsarerepresented
Show
Selectvariousdetailstoshowuponthemap
88
![Page 89: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/89.jpg)
Topology-Multicast
SimpletooltoshowPIMroutingtableonaCisco�routerorIGMPinfoonaProCurve�switch.
89
![Page 90: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/90.jpg)
Topology-Networks(NetworkList)
ListIPv4andIPv6addressesbyVRFsforexample.
IfanIPv4addressisempty,theentryisanIPv6address.Hoveroverthenetworkicontorevealit'sclass.ThestatusofthecorrespondinginterfaceorVRF/VPNisshownwiththenetworkicon(stayswhiteifnotavailable).YoucansearchfornetworksusingCIDRnotation(1.2.3.4/24)orregexps( 1̂.2.3)Someprefixesshow0,ifNeDicouldn'treadthemproperlyfromthedevice.
90
![Page 91: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/91.jpg)
Topology-Routes(RoutesToolbox)
ThisistheformerRealtimeRoutesmodule,whichnowprovides3modesofoperation:
Listroutesstoredinthedatabase(NeDi1.8feature)Displaytheroutingtableofadeivce,byselectingonewiththerightselectboxandclicking"Show"Tracearoutebyselectingsource,destinationandclicking"Route"
91
![Page 92: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/92.jpg)
Topology-Spanningtree(RealtimeSpanningtree)
DisplaysSpanningtreestatusofalayer2device.
Selectswitchfromlist.Selectvlan,todisplaypervlanspanningtreeinformation,ifapplicable.Additionallydisplaytrafficgraphs(ifRRDisenabled)toverifyoperation.TheinterfacepointingtotherootbridgeisindicatedwithTheMACaddressoftherootbridgecanbesearchedforbyclickingonIntheIFstatuscolumnyoucanseeifaportisblockingorforwardingetc.
92
![Page 93: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/93.jpg)
Topology-Table
IfyourdevicesareconfiguredwithSNMPlocationinformationaccordingtoNeDi'sscheme,youcandrilldownintoyournetworkinatabularfashionhere.
Thosebuttonsonthetoprighthelpnavigatingandrevealmoreinformation:
Click togettothetop, toregion, tocity,or tobuildinglevel.displaysnumberofdevicesperlocationaddsnodepopulationperlocationaddsfreeaccessportsperlocation
Clickingonlocationnameslistsallitsdevices(thedisplayedwidthissetinUser-Profile ).Youcan"paint"importantbuildingsred(ish)withredbuildinnedi.conf.Astreetaddresscanhaveseveralbuildings,ifbldsepisconfiguredcorrectly.Adigitshowingtheamountofsub-buildingsisadded,iftherearemorethanone.
Thenextbuttoncyclesthedisplayofyoursites.ThestateispreservedwithinthesessionandisusedinMonitoring-Healthaswell:
Switchestosmallicons(goodfordisplayinghundredsofsites)ShowsNeDimaps(foraglanceinside)Showsstaticmapswhicharecachedinthe"topo/"treeAddswheatherinformationforcities,withthatyouknowwhenit'sdownbecauseofathunderstorm.Revertstothedefaulticondisplay.
BuildingLevel
Insideabuildingyougettoseethedevicesoneachfloorandroom.Ifyouspecifiedtherackandrack-unit,theroomnamebecomesalinkwhichtakesyoutotherackview.
Clickingonafloorlistsallmatchingdevices.Togglesdisplayingnon-SNMPdevices.Showsdevicepanelsinsteadoficons.
IfphotosordocumentsnamedBuilding-Floor-something(ignoringnon-wordcharacters)arefoundintopo/Region/Citythey'representedwithaniconunderneaththefloorlabel.Clickingonthemrevealsthephotoinapopupwindoworopensthefile.
93
![Page 94: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/94.jpg)
User-Chat
AverysimplechatinterfaceforNeDiusers.Youcanalsorunstati.pleveryweekorsoanditwilladdstatisticstothechat,similartoabotinanIRCchannel.
Hoveroverauserimage,ifyou'reunsurewhoitisThegreeneramessagethemorerecentYoureventsarealittlebrighterthanthoseofothers
94
![Page 95: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/95.jpg)
User-Management
Adminscanaddandmanageusersandtheirgroupshere.InadditionaDeviceFiltercanbeappliedtoanon-adminusertorestricthisaccesstothenetwork.
AssigngroupsbyclickingontheGroupicons.Selectdevicefilter,ifrequired.Entera-toclear,clickon toverifyDeleteanaccountbyclickingUse toresetalostpasswordOthericonslistdevices,assetsandeventsrelatedtotheuser
95
![Page 96: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/96.jpg)
User-Profile
Thisisyourstartingpage,whensigningin(exceptforDecember;-).Italsoservestodisplayanyadministativenotificationsandtoedityourpasswordandinformation.
You'llonlyreceivemonitoringemailsandSMS,ifyouenteryourinfoaccordinglyandareinthemonitoringgroupletslisttablesrememberthecolumnsettingsandadds"breadcrumps"totheheader.Ifyouareusinganssh
andtelnetpluginthatreckognizesplainIPaddresses,youcanturnoffanyIPlinksaswell#ofeventsorreportentriesareshownincertainmodules#ofcolumnstobeshownintopologytableviewslabellengthintablesandmaps
LanguageandthemearenotupdatedimmediatelyandrequireareloadletsyouedittheAdminMessage(ifyou'reanadmin)
96
![Page 97: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/97.jpg)
User-Radius
ThisisaNeDiEnterprisemodule,onlyavailablethroughacertifiedpartner
ManagerscanaddRadiusgroupsanduserswiththismodule(requiresradiusdatabasesettingsinnedi.conf).
IntheVlansectionofDevices-Statusclickon toprefillthegroupfieldsChangetoyourneedsandclick"Add"tocreateagroupreplyentryForMACauthentication,filterdesirednodesinNodes-ListSelectagroup(ornot)andclick"Radius"toaddvisiblenodestotheradiusDBAddotherusersbyenteringname,passwordimUser-Radiusandselectgroup(ornot)andclick"Add"Createauserlistbyusingthefilterandclicking"Show"Bydefaulttheavailablegroupsanduser-groupmappingsareshown
97
![Page 98: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/98.jpg)
TableofContents
Introduction 2InstallationInstructions 3
GeneralOverview 4Architecture 5FunctionalBreakdown 6Terminology 7
NetworkManagement 9Prerequisites 9TopologyAwareness 10ConfigurationBackup 12DeviceModules 13NetworkPopulation(Nodes) 14Editnedi.conf 15Editseedlist 16DiscovertheNetwork 17Editcrontab 19
AssetDiscovery 20Troubleshooting 21FrontendOverview 22RESTAPI 22ManagingAssets 23TheNeDiGUI 24Lists 25Monitoring 26Reporting 28
GUIModules 29Assets-List 30Assets-Locations(LocationList) 31Assets-Loced(LocationEditor) 32Assets-Management 33Devices-Config 34Devices-Doctor(DeviceDoctor) 35Devices-Graph 36Devices-Install 37Devices-Interfaces(InterfaceList) 38Devices-List 39Devices-Modules(ModuleList) 40Devices-Status(DeviceStatus) 41Devices-Translator(ConfigurationTranslator) 43Devices-Vlans(VlanList) 45Devices-Write 46Monitoring-Events 47Monitoring-Health 48Monitoring-History 49
98
![Page 99: The NeDi Guide NeDi Guide.pdf · Topology Awareness If mapping your network with a clear and automated visual representation is important to you, you will want to enable the topology](https://reader033.vdocuments.site/reader033/viewer/2022041418/5e1d1b9895def13a3c5bc47c/html5/thumbnails/99.jpg)
Monitoring-Incidents(IncidentList) 50Monitoring-Map 51Monitoring-Master 52Monitoring-Setup 53Nodes-Create 54Nodes-List 55Nodes-RogueAP(RogueAPList) 56Nodes-Status(NodeStatus) 57Nodes-Toolbox 58Nodes-Traffic 59Other-Calculator(IPCalculator) 60Other-Converter(NumberConverter) 61Other-Defed(DeviceDefinitionEditor) 62Other-Flower(FlowerOpenflows) 63Other-Info 64Other-Invoice(InvoiceGenerator) 65Other-Noodle(NoodleSearch) 66Reports-Combination(CombinationReports) 67Reports-Custom(CustomReport) 68Reports-Devices(DeviceReports) 69Reports-Interfaces(InterfaceReports) 70Reports-Modules(ModuleReports) 71Reports-Monitoring(MonitoringReports) 72Reports-Networks(InterfaceReports) 73Reports-Nodes(NodeReports) 74System-Database 75System-Files 76System-NeDi 77System-NoDi 79System-Policy 80System-Services(NeDiServices) 83System-Snapshot 84Topology-Linked(LinkEditor) 85Topology-Links(LinkList) 86Topology-Map 87Topology-Multicast 89Topology-Networks(NetworkList) 90Topology-Routes(RoutesToolbox) 91Topology-Spanningtree(RealtimeSpanningtree) 92Topology-Table 93User-Chat 94User-Management 95User-Profile 96User-Radius 97
99