phpipam
SNMP support for multiple vendors - TARGET after phpIPAM V1.40 release
Free time permitting; I'm planning to add SNMP support for multiple vendors after the 1.40 release.
Multi vendor support will be via selectable device profiles or will be chosen automatically based on vendor encoded in SNMPv2-MIB::sysObjectID (yet to be decided).
I don't have access to many of the devices requested. If you would like to see support please post vendor, device model, device SNMPv2-MIB::sysObjectID and the alternative mibs required for the below functions and assist with testing/development.
Please also supply an example snmpwalk output of the new mib so the results can be processed correctly.
get_system_info Displays device system info SNMPv2-MIB::sysDescr
get_arp_table Fetches ARP table IP-MIB::ipNetToMediaEntry
get_mac_table Fetches MAC address table BRIDGE-MIB::dot1dTpFdbEntry
get_interfaces_ip Fetches interface ip addresses IP-MIB::ipAddrEntry
get_routing_table Fetches routing table IP-FORWARD-MIB::ipCidrRouteEntry
get_vlan_table Fetches VLAN table CISCO-VTP-MIB::vtpVlanName
get_vrf_table Fetches VRF table MPLS-VPN-MIB::mplsVpnVrfDescription
Please post all the information below:
device vendor:
device model:
device sysObjectID:
function:
new mib:
example new mib snmpwalk output:
device vendor:
Ubiquiti Networks, Inc
device model:
USG, UniFi Security Gateway
device sysObjectID:
SNMPv2-SMI::enterprises.41112.1.5
function:
router
Mibs:
SNMPv2-MIB
IP-MIB
IP-FORWARD-MIB
IF-MIB
example new mib snmpwalk output:
@GaryAllan please check my proposal in #1085, i understand it is a bit different way, but imho require less developer/maintainer effort
Hi Gary,
I'd like to integrate Juniper devices. More specifically the MX480. I'll send my data.
Ubiquiti Edgeswitch, Edgerouter https://community.ubnt.com/t5/EdgeRouter/Edgemax-amp-edgeswitch-MIBs/td-p/1871491
https://dl.ubnt.com/firmwares/edgemax/EdgeSwitch/v1.7.1/ES-eswh.v1.7.1.4993748-mibs.tar.gz https://community.ubnt.com/t5/EdgeSwitch/SNMP-MIBs/m-p/1202765#M2340
UBNT MIB:
https://dl.ubnt.com/firmwares/airfiber2X/v4.0.3/UBNT-MIB.txt
device vendor: Hewlett Packard Enterprises device model: Aruba 2530 24G PoE+ Switch (J9773A) device sysObjectID: SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.11.2.3.7.11.137 function:switch mibs: SNMPv2-MIB IP-MIB IP-FORWARD-MIB IF-MIB example new mib snmpwalk output: aruba2530_snmpwalk.txt
device vendor: Teldat device model: M1+ device sysObjectID: SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.2007.1.1.199 function:router mibs: SNMPv2-MIB IP-MIB IP-FORWARD-MIB IF-MIB example new mib snmpwalk output: teldatm1snmpwalk.txt
device vendor: Juniper Networks device model: QFX5100 device sysObjectID:SNMPv2-SMI::enterprises.2636.1.1.1.4.82.5 function:router mibs: SNMPv2-MIB IP-MIB IP-FORWARD-MIB IF-MIB example new mib snmpwalk output: juniperqfx_snmpwalk.log
device vendor: HP device model: HPE 5130 48G PoE+ 4SFP+ EI Switch device sysObjectID: SNMPv2-SMI::enterprises.25506.11.1.189 function: Switch
[root@cardlipamdev1 ~]# snmpwalk -v 2c -c XXX system SNMPv2-MIB::sysDescr.0 = STRING: HPE Comware Platform Software, Software Version 7.1.070, Release 3208P03 HPE 5130 48G PoE+ 4SFP+ EI Switch Copyright (c) 2010-2017 Hewlett Packard Enterprise Development LP SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.25506.11.1.189 DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (2359717400) 273 days, 2:46:14.00 SNMPv2-MIB::sysContact.0 = STRING: Hewlett Packard Enterprise Company 3000 Hanover St Palo Alto, CA 94304 SNMPv2-MIB::sysName.0 = STRING: EDGE-200 SNMPv2-MIB::sysLocation.0 = STRING: SNMPv2-MIB::sysServices.0 = INTEGER: 78
device vendor: Mikrotik device model: RBM33G device sysObjectID:SNMPv2-SMI::enterprises.14988.1 function:router mibs: SNMPv2-MIB IP-MIB IP-FORWARD-MIB IF-MIB HOST-RESOURCES-MIB example new mib snmpwalk output: mikrotikrbm33g-snmpwalk.txt
device vendor: Dell device model: N4032F device sysObjectID: SNMPv2-SMI::enterprises.674.10895.3044 function: switch new mib: I don't know what you need here, but you can download the MIBs from http://dell.to/2HCo6Mh example new mib snmpwalk output: n4032f-snmpwalk.txt
@Wolvverine After 1.40 is out. I'll create a SNMP branch free time permitting (not had much free time).
I'm planning a class based model with a PHP object interface. People can extend existing or base classes (like API classes) to implement new devices/vendor polling and push the useful ones upstream.
Choose the class to poll a device with either explicity or auto-magically via longest partial OID string match.
Just ideas/planning at this stage. No code to share.
There are a few other areas I'd like to work on which may take priority.... 1.41 or 1.42 is the most likely timeframe.
Good day.
Here is my modification of function in /functions/classes/class.SNMP.php Some devices don't work with OID .1.3.6.1.2.1.4.22 (RFC1213). I modify function for OID .1.3.6.1.2.1.4.35 (RFC4293).
private function get_arp_table () {
// init
$this->connection_open ();
// fetch
$res2 = $this->snmp_walk ( "IP-MIB::ipNetToMediaPhysAddressRFC4293" ); // mac
// parse MAC
$n=0;
foreach ($res2 as $key => $r) {
// mac
$res[$n]['mac'] = $this->fill_mac_nulls ($r);
// validate mac
if ($this->validate_mac($res[$n]['mac'])===false) { $res[$n]['mac'] = ""; }
// ip
$res[$n]['ip'] =
preg_replace('/.*?(\d+\.\d+\.\d+\.\d+)$/', '$1', $key);
$n++;
};
$interface_indexes = array(); // to avoid fetching if multiple times
// fetch interface name
$n=0;
foreach ($res2 as $key => $r) {
// $index = $this->parse_snmp_result_value ($r);
$index = preg_replace('/^(\.\d+){10}\.(\d+).*?$/', '$2', $key);
// if already fetched
if (array_key_exists($index, $interface_indexes)) {
$res[$n]['port'] = $interface_indexes[$index];
}
else {
try {
$res1 = $this->snmp_get ( "IF-MIB::ifName", $index ); // if description
$res2 = $this->snmp_get ( "IF-MIB::ifDescr", $index ); // if port
//parse and save
$res[$n]['port'] = $this->parse_snmp_result_value ($res1);
$res[$n]['portname'] = $this->parse_snmp_result_value ($res2);
$interface_indexes[$index] = $res[$n]['port'];
}
catch (Exception $e) {
$res[$n]['port'] = "";
$res[$n]['portname'] = "";
}
}
$n++;
}
// save result
$this->save_last_result ($res);
// return response
return isset($res) ? $res : false;
}
Also i added row:
'IP-MIB::ipNetToMediaPhysAddressRFC4293' => '.1.3.6.1.2.1.4.35.1.4',
Hi, I understand that ping scan for IPv6 is not a good idea. but is there a way to enable SNMP scan for IPv6 subnets?
looks like the functionality itself is not considered because IPv6 subnets are huge for ping scan. but pulling "ipv6 neighbor" from the L3 device should be faster?
this message is displayed "IPv6 scanning is not supported!"
Thanks
~Arvin
Preface: -I'm new to php as a language -still learning under the hood SNMP
With that out of the way, I have phpipam deployed in a 100% Cisco environment using Cat3850,Nexus 5k and 7k, and an assortment of asr and asa. The issue I'm having is the discovery of MAC addresses by using the current class.SNMP.php function in phpipam 1.40. Trying to read through the script I understand that we have set a value of $vlan_number with public $vlan_number = 1. However, this is only used in the set_snmp_device & set_snmp_cummunity public and private function, respectively. My issue with this is using certain OID's under the BRIDGE-MIB module.
When looking at the private function of get_vlan_table, I can see how the vlan ID is indexed, but I don't see how the index doesn't make it's way into a variable that the $vlan_number can be reference. If it could then the set_snmp_community could then utilize the various vlans configured on a switch, and thus the get_mac_table could be invoked correctly. certain BRIDGE_MIB need to set the vlan id in the c-string for it to pull any data. See below attachment for verification using snmpwalk. As well please see "snippet_snmp_code.txt" for reference of the functions I mentioned.
non_working_snmpwalk_bridge-mib.txt working_snmpwalk_bridge-mib.txt snippet_snmp_code.txt
Edit: (applies to SNMP ARP, get_arp_table) Upon further investigation I've added echoes in random places to see output when testing the snmp for "get_mac_table" function. I am able to see that the device is running the appropriate mib and is receiving information back, The issue has to do with the function fill_mac_nulls or the in line $this->validate_mac function whereby if the array value of 'mac' equals false then return an empty print. I tested that I am hitting the false statement as I see no MAC entries in neither the get_mac_table nor get_arp_table functions. For the sake of my own sanity, I modified the print out to say "empty mac address" to see if I were to run an snmp arp scan from a subnet if that print out would show, and sure enough it did.
My new question now is how does the $this->fill_mac_nulls function and subsequently $this->validate_mac have their way with an oid (IP-MIB::ipNetToMediaPhysAddress and BRIDGE-MIB::dot1dTpFdbAddress) response of this:
IP-MIB::ipNetToMediaPhysAddress.128.10.114.23.16 = STRING: 0:27:e3:9f:26:41 Hex-STRING: CC 98 91 54 A4 B0
private function fill_mac_nulls ($mac) {
//make sure MAC has all 0
$mac = explode(":", trim(substr($mac, strpos($mac, ":")+2)));
foreach ($mac as $km=>$mc) {
if (strlen($mc)==1) {
$mac[$km] = str_pad($mc, 2, "0", STR_PAD_LEFT);
}
}
// return
return implode(":", $mac);
}
private function get_mac_table () {
// init
$this->connection_open ();
// fetch
$res1 = $this->snmp_walk ( "BRIDGE-MIB::dot1dTpFdbAddress" ); // mac
$res2 = $this->snmp_walk ( "BRIDGE-MIB::dot1dTpFdbPort" ); // bridge port index
// parse MAC
$n=0;
foreach ($res1 as $r) {
$res[$n]['mac'] = $this->fill_mac_nulls ($r);
// validate mac
if ($this->validate_mac($res[$n]['mac'])===false) { $res[$n]['mac'] = ""; }
$n++;
};
private function get_arp_table () {
// init
$this->connection_open ();
// fetch
$res1 = $this->snmp_walk ( "IP-MIB::ipNetToMediaNetAddress" ); // ip
$res2 = $this->snmp_walk ( "IP-MIB::ipNetToMediaPhysAddress" ); // mac
$res3 = $this->snmp_walk ( "IP-MIB::ipNetToMediaIfIndex" ); // interface index
// parse IP
$n=0;
foreach ($res1 as $r) {
$res[$n]['ip'] = $this->parse_snmp_result_value ($r);
$n++;
}
// parse MAC
$n=0;
foreach ($res2 as $r) {
$res[$n]['mac'] = $this->fill_mac_nulls ($r);
// validate mac
if ($this->validate_mac($res[$n]['mac'])===false) { $res[$n]['mac'] = ""; }
$n++;
};
I am trying to use this with some Ruckus switches. There are three models that we use. ICX 7150, 7450, and 7750 that are switch/routers. Please let me know if you need more.
device vendor: Ruckus device model: ICX 7150, ICX 7450, and ICX 7750 icx 7150 device sysObjectID: SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.1991.1.3.64.3.1.1.2 icx 7450 device sysObjectID: SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.1991.1.3.48.8.3 icx 7750 device sysObjectID: SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.1991.1.3.48.7.3 function: get_system_info, get_arp_table, get_mac_table, get_interfaces_ip, get_routing_table, get_vlan_table new mib: The attached mibs are from each of the latest os. icx7150-SPR08095c-mib.txt icx7450-SPR08095c-mib.txt icx7750-SWR08095c-mib.txt
Device Vendor: HP (Hewlett Packard) Device Model: HP J9775A 2530-48G Switch
(without mibs) HP_2530-48G_A-SW02.txt
(with mibs) smtpwalk_HP2530.txt
device vendor: Arista
device model: Arista Networks EOS version 4.23.0F running on an Arista Networks DCS-7280SR2-48YC6-M
device sysObjectID: SNMPv2-SMI::enterprises.30065.1.3011.7280.3735.2.48.1654.6.972
function: Layer-3 switch
new mib: https://www.arista.com/en/support/product-documentation/arista-snmp-mibs
It would also be beneficial if the route walk could be filtered by routing protocol type.
Can you give me snmp module support for Alcatel switches, PRTG as the snmp server
