5. Router integration

Introduction

Routers can be queried regularly to discover the IP addresses & DNS names attributed to MAC addresses. This is an important part of the "auto discovery" of end devices.

If router_mac_ip_discoverall=true in the config table, the router_mac_ip module will document all MAC/IP pairs it finds on the network, not just those actively managed with the vmps protocol. End-devices found in this way are marked with the status "unmanaged" (see for example the overview page in the windows GUI).

See also the Installation Guide -> Learning Mode .

Configuration

Settiings are configured in two places, etc/config.inc and the 'config' mysql table. In V3 and later all settings except passwords are iun the config table.

Configuration: config.inc

This file, created from config.inc.template contains sensitive data such as passwords. For this module, set the SNMP community string for querying router settings:

$snmp_ro 

Configuration: 'config' table

The 'config' table can be managed either from the mysql command line (use 'describe config' and 'select * from config' if you are at ease with SQL), or more easily from the Windows GUI (Users Guide -> Windows GUI -> Administration tab ).
Note: In V2.2 and earlier, settings are in config.inc only.

There are several configuration variable that must be set.

What are the IP addresses of routers from which ARP tables are to be queried?

core_routers=192.168.245.3 192.168.245.6 192.168.245.30

Should all new IP addresses be documented, or just those already in the systems table?

router_mac_ip_discoverall=true  

What IP and MAC addresses are to be ignored when querying?

router_mac_ip_ignore_ip= /^(127.0.0|192.168.|193.5.238)/

router_mac_ip_ignore_mac= /^(00d0.0064.d000|0008.02a1.a3b3)/

Should IP addresses be translated into names from DNS and updated?

router_mac_ip_update_from_dns=true

Names can also be updated from NMB (Windows naming), as opposed to DNS. Most sites should stick with DNS.

router_mac_ip_update_from_nmb=false 

Installation

Adapt the settings above, then try /opt/nac/bin/router_mac_ip.php from the command line, initially increasing the debug level from 0 to 3.

$logger->setDebugLevel(3);

Check the messages tagged 'router_mac_ip' in syslog to understand behaviour. Make sure that the router queries are working, and are fast (e.g. 20 secs.). Are end-devices being added to the systems table, are they visible in the GUI?

When its works as expected, then add an entry to the root cron, for example to query the routers every 6 minutes:

*/6 *    * * *   /opt/nac/bin/router_mac_ip