Find Neighbour with SNMP LLDP

network-programming ip snmp network-monitoring

20,506

Solution 1

This code is walking LLDP oid on devices from list which contains ip addres and add neighbourships to parallel arrays. ex; (Each heading is ArrayList) HostName HostInterface NeigbourName NeighbourInt sw2960 fa0/1 HP-98765 Ethernet0/4

   package NDMSMain;

import java.io.IOException;
import java.util.ArrayList;

import SNMPHandler.SNMPManager;
import SNMPHandler.SNMPWalk;
import TopologyHandler.WriteXMLFile;

public class LldpDiscovery {

    static SNMPWalk t1 = new SNMPWalk();
    public static String LLDP_OID = "1.0.8802.1.1.2.1.4.1.1";
    public static String snmpCheck = null; //MODEL
    public static String devicePid = null;  //Product Id

    public static ArrayList<String> topologyNodeId = new ArrayList<String>();
    public static ArrayList<String> lldpHostName = new ArrayList<String>();
    public static ArrayList<String> lldpHostInt = new ArrayList<String>();
    public static ArrayList<String> lldpNeigName = new ArrayList<String>();
    public static ArrayList<String> lldpNeigInt = new ArrayList<String>();
    public static ArrayList<String> lldpNeigMac = new ArrayList<String>();
    public static ArrayList<String> deviceModel = new ArrayList<String>();


    public static void main() {

        System.out.println("LLDP GELDIIIII");

        frame1 out = new frame1();
        String testWalk="";

        String satir[]=null;
        String esit[]=null;
        String hostInt = null;
        for(int i=0; i<out.ipler.size();i++)
        {
            try {

                devicePid = SNMPManager.main("udp:"+out.ipler.get(i).toString()+"/161","1.0.8802.1.1.2.1.5.4795.1.2.7.0");

            if(!devicePid.startsWith("no"))
            {
                // To determine node count and Id s

                snmpCheck= SNMPManager.main("udp:"+out.ipler.get(i).toString()+"/161","1.3.6.1.2.1.1.5.0");
                deviceModel.add(devicePid);
                topologyNodeId.add(snmpCheck);



            testWalk =  t1.main(out.ipler.get(i).toString(),LLDP_OID);


            satir= testWalk.split("\n");
            //System.out.println("satir 0"+satir[0].toString());
            //System.out.println("satir 1"+satir[1].toString());
            int ind =0;
            for(int k=0;k<satir.length;k++)
            {

                esit = null;
                esit = satir[k].split("=");
                //System.out.println("===Hostlar");
                //System.out.println("ind 0: "+esit[ind]);
                if(esit[ind].startsWith("1.0.8802.1.1.2.1.4.1.1.7.0") && !esit[ind].equals("1.0.8802.1.1.2.1.4.1.1.7.0.1.2 "))
                {


                    hostInt = esit[ind].substring(esit[ind].length()-5, esit[ind].length()-3);
                    //System.out.println("===Start-4.1.1.7.0 - genel cnt: "+ arrayCnts +" fa0-"+hostInt);
                    if(!hostInt.startsWith("."))
                    {
                        //System.out.println("===Start-4.1.1.7.0 - .li cnt: " + arrayCnts +"fa0-"+hostInt);
                        lldpHostInt.add("fa0-"+hostInt);

                    }
                    else
                    {
                        //System.out.println("===Start-4.1.1.7.0 - .siz cnt: " + arrayCnts +"fa0-"+hostInt);
                        lldpHostInt.add("fa0-"+hostInt.substring(hostInt.length()-1,hostInt.length())); 

                    }

                    //System.out.println("=== LLDPNeigh cnt:" + arrayCnts + esit[1]);
                    lldpNeigInt.add(esit[1]);


                }
                else if(esit[ind].startsWith("1.0.8802.1.1.2.1.4.1.1.9.0"))
                {
                    //System.out.println("=== NeighNAme cnt:" + arrayCnts + esit[1]);
                    if(!esit[1].equals(" "))
                    {
                        lldpNeigName.add(esit[1]);
                        lldpHostName.add(snmpCheck);
                    }



                //  lldpHostName.add(out.asd);

                }
                else if(esit[ind].startsWith("1.0.8802.1.1.2.1.4.1.1.5.0") && !esit[ind].equals("1.0.8802.1.1.2.1.4.1.1.5.0.1.2 "))
                {

                    lldpNeigMac.add(esit[1]);
                }
            }
            }

            else   // SNMP DESTEKLEMEYEN CIHAZLAR ICIN COZUM BULUNACAK
            {


                System.out.println("*********There is unknown device here!!!! ******");

            }
        } catch (IOException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }//
        }


        System.out.println("---HostName---");
        for(int i=0; i<lldpHostName.size();i++)
        {
            System.out.println(lldpHostName.get(i).toString());
        }
        System.out.println("---HostInt---");
        for(int i=0; i<lldpHostInt.size();i++)
        {

            System.out.println(lldpHostInt.get(i).toString());

        }
        System.out.println("---NeighInt---");
        for(int i=0; i<lldpHostInt.size();i++)
        {

            System.out.println(lldpNeigInt.get(i).toString());

        }
        System.out.println("---NeighName---");
        for(int i=0; i<lldpNeigName.size();i++)
        {
            System.out.println(lldpNeigName.get(i).toString());
        }
        System.out.println("---NeighMac---");
        for(int i=0; i<lldpHostInt.size();i++)
        {
            System.out.println(lldpNeigMac.get(i).toString());
        }
        System.out.println("---NodeId---");
        for(int i=0; i<topologyNodeId.size();i++)
        {
            System.out.println(topologyNodeId.get(i).toString());
        }

        for (int i=0;i<lldpNeigName.size();i++)
        {
            if(!topologyNodeId.contains(lldpNeigName.get(i).trim()))
            {
                topologyNodeId.add(lldpNeigName.get(i));
            }
        }


        System.out.println("===LLDPNODE ID");
        for(int i=0; i<topologyNodeId.size();i++)
        {
            System.out.println(topologyNodeId.get(i).toString());
        }   




    //  createCSV();

        //WriteXMLFile.main();



    enter code here

        /*lldpHostName.clear();
        lldpHostInt.clear();
        lldpNeigInt.clear();
        lldpNeigMac.clear();
        lldpNeigName.clear();
        topologyNodeId.clear();
        deviceModel.clear();*/


    }

}

Solution 2

I think you are wanting lldpRemLocalPortNum, which is of syntax type LldpPortNumber. The definition of LldpPortNumber says:

        A port number has no mandatory relationship to an
        InterfaceIndex object (of the interfaces MIB, IETF RFC 2863).
        If the LLDP agent is a IEEE 802.1D, IEEE 802.1Q bridge, the
        LldpPortNumber will have the same value as the dot1dBasePort
        object (defined in IETF RFC 1493) associated corresponding
        bridge port.  If the system hosting LLDP agent is not an
        IEEE 802.1D or an IEEE 802.1Q bridge, the LldpPortNumber
        will have the same value as the corresponding interface's
        **InterfaceIndex** object.

InterfaceIndex is the IF-MIB::ifIndex, which should map to the correct interface on the device. Does that help?

20,506

Author by

user2260979

Updated on July 09, 2022

Comments

user2260979 almost 2 years

i have several switches (Hirschmann Mach1040, RS40) connected together. So i want to elict the mac address/ip address of the connected neigbour switch on port x with the snmp. is there a lldp mib_value which tells me the neihbour mac or ip at the specific port on the swich??

Thanks a lot for the help!!!
user2260979 about 11 years

thanks for the answer. But i am not quiet sure about the information. can you give me an example? The MIB 1.0.8802.1.1.2.1.4.1.1.5 gives me the MAC-Address from the neighbour, so no what to do to get the port number which is connected with the current switch. (Not the neighbour)
user2260979 about 11 years

Another question: is there a possibility to get the IP_Address when i have the MAC-Address of a Device? (Note: I only have switches in the network)
Colby Blair about 11 years

Sure. So let's say you have this guy:
Colby Blair about 11 years

LLDP-MIB::lldpLocPortId.4 = STRING: "FastEthernet1" . Then you should also have one of these: IF-MIB::ifName.4 = STRING: "eth1" . You cross reference lldpLocPortNum with ifIndex, i.e. '4' above. I can add more detail if you need it, SNMP can be cryptic.
Colby Blair about 11 years

This works for lldpRemLocalPortNum as well (its the same LldpPortNumber type).
user2260979 about 11 years

i need more details. i. e. i have this neighbour found in (lldpRemoteSystemData) lldpRemTable.lldpRemEntry.lldpRemChassisId.1325376015.2.1 ec e5 55 32 20 88, so i need the connection to the lldplocalsystemdata (Current Switch) entry to see on which port (i. e.lldpLocPortTable.lldpLocPortEntry.lldpLocPortDesc.1 Module: 1 Port: 1 - 1 Gbit) of the current switch is this neighbour connected.
user2260979 about 11 years

so when i look at : lldpRemTable.lldpRemEntry.lldpRemChassisId.1325376015.2.1 ec e5 55 32 20 88, the number .2 always gives me the port number of the current switch wich is connected to that mac address? Do you have some good sources where more details explained for snmp like the things we discussed?
user2260979 about 11 years

Another question: is there a possibility to get the IP_Address when i have the MAC-Address of a Device? (Note: I only have switches in the network)
Colby Blair about 11 years

Yes; they always give you the port number. Note that port number is arbitrary; who's port number 1? eth1? lo? eth_br? (see the problem?) Without the mapping from 2 (port number) to something like a description (ifName = "eth2", etc), the port number is not as meaningful. But with the mapping, its very useful.
Colby Blair about 11 years

Its not guaranteed that you can get the IP address; maybe the remote has no IP address, right?lldpRemTable.lldpRemEntry.lldpRemChassisId.1325376015.‌2.1 ec e5 55 32 20 88 means the remote's ChassisID is a MAC address. But ChassisID in the LLDP frame from the remote can be an IP address, MAC address, or anything else (see lldpRemChassisIdSubtype). Its a nice bonus to get an IP address, but you can't rely on it; LLDP is a layer 2 protocol, so IP (layer 3) is above its pay grade.
user2260979 about 11 years

and how can i get the IP-Address from the neighbours?? is there good solution to get the ip-address ?
Colby Blair about 11 years

What you are asking for, is a protocol that says, if you have an IP (or MAC) address on the network, you should advertise it to your neighbors. The neighbors can then use it to communicate with you. That's ARP (or NDP in IPv6), see this thread. That MIB should get you what you want. ARP is the only required protocol that does what you want, and there are no required MIBs in SNMP that do what you want. If you are a developer, you should implement those MIBs. If not, you can only ask the vendor too. : )
user2260979 about 11 years

thanks for the information. it was very helpful. so when i read the mib-object 1.3.6.1.2.1.4.22.1.2 then i get for example 65.10.8.136.5. 10.8.136.5 is the ip address but what is 65.??
Colby Blair about 11 years

65 is ipNetToMediaIfIndex. ipNetToMediaPhysAddress is an OID in a table, so it gets indexes. In this case, two indexes ipNetToMediaIfIndex and ipNetToMediaNetAddres. What this means, is you can have multiple table entries for one IP address, since that IP address could show up on multiple interfaces. The IP-MIB::ipNetToMediaEntry definition tells you this: INDEX {ipNetToMediaIfIndex,ipNetToMediaNetAddress}. I was kind of surprised this OID returned a value for you, this MIB is getting a bit old. Glad it was useful, most people's eyes roll/cross with SNMP.
user2260979 about 11 years

is it possible to detect wich port is innactive and wich port is active. for example to detect if a line is broken or not connected. I found this one 1.3.6.1.4.1.248.15.1.2.15.9.1.5 (hmAgentStpCstPortForwardingState) from hirschmann. But is their a mib object wich is useable for all switches? Because this one is only for hirschmann switches, when i change to another switch i would have a problem!!
Colby Blair about 11 years

How about IF-MIB::ifOperStatus (.1.3.6.1.2.1.2.2.1.8)?
user2260979 about 11 years

thanks, i am sorry i had to add the information: i have a ring with MRP-Protocoll, one is the ring master the others are slave. so now i want to detect which one is the master, and which line is switched on, and which is switched off by the master
Colby Blair about 11 years

After doing some googling, I've only found private enterprise mibs for this (i.e. Foundary's FOUNDRY-SN-MRP-MIB here ). That's pretty far beyond what I've ever seen RFC/standard MIBs do, so you'll probably have to depend on your vendors for that.
user2260979 about 11 years

so maybe you can help me with that?? i use hirschmann switches (Mach1040, RS40) but the company gives me no information about that.
Colby Blair about 11 years

Both products really don't list which MIBs they use. See if you can ask them, or find out from their Web UI / CLI, etc. Short of that, you'll have to do an snmp walk of the entire device from .1: snmpwalk -v 2c -c public switch1 .1, and post the result here. Which will be a done of results. Once we know the MIBs (or at least the OIDs), we can figure out which ones have what you need.
user2260979 about 11 years

so i got the output from snmpwalk .1 in a textfile, maybe i can send it via email to you?? (Because their are to much entries to post it here)
user2260979 about 11 years

maybe this helps: i found this mib 1.3.6.1.4.1.248.14.5 (hmRingRedundancy). but its to long to post all entries here. how shoud we handle that?
Colby Blair about 11 years

The OID 1.3.6.1.4.1 is the enterprise (private) subtree of SNMP, which makes downloading the MIB much harder (I couldn't find a download for HMRING-MGMT-SNMP-MIB which contains hmRingRedundancy). You'll either have to send a link to this MIB, or contact its owner (Hirschmann Electronics GmbH & Co. KG) to find out what this MIB / these OIDs do.
user2260979 about 11 years

thanks for all the help, at the moment i have now another question. When i get a mac-adress. and i want to translate the mac address to an ip address. for example for a ip i found follwoing 3 entries in ipNetToMediaTable (1.3.6.1.2.1.4.22): ioNetToMediaEntry.ipNetToMediaIfIndex.65.10.8.142.3; Value = 65 ioNetToMediaEntry.ipNetToMediaPhysAddress.65.10.8.142.3; Value = XX:XX:XX:XX:XX:XX ioNetToMediaEntry.ipNetToMediaNetAddress.65.10.8.142.3; Value = 10.8.142.3 Can you explain me step by step which order i have to use to translate the mac-address to the ip address with the listed 3 MIB Objects
Colby Blair about 11 years

For multiple values, 1). get a list of ipNetToMediaIfIndex's: snmpwalk ipNetToMediaTable.ipNetToMediaIfIndex, 2). take that list of ipNetToMediaIfIndex's and get a list of ipNetToMediaPhysAddress's for each ipNetToMediaIfIndex (although they're will probably be only one for each): snmpwalk ipNetToMediaTable.ipNetToMediaNetAddress.(each ipNetToMediaIfIndex value). Viola!
Colby Blair about 11 years

Its pretty easy (for snmp) from what you have: 1). snmpget ipNetToMediaEntry.ipNetToMediaNetAddress.(ipNetToMediaIfInde‌x).(ipNetToMediaNetA‌‌ddress).(ipNetToMe‌diaType), or from above snmpget ipNetToMediaEntry.ipNetToMediaNetAddress.65.10.8.142.3 (10.8.142.3), 2). snmpget ipNetToMediaEntry.ipNetToMediaPhysAddress.(ipNetToMediaIfInd‌ex).(ipNetToMediaNet‌‌Address), or ipNetToMediaEntry.ipNetToMediaPhysAddress.65.10.8.142.3 . If you're asking how to do this for multiple values, see above.
user2260979 about 11 years

what is with that way (MAC-Address is given): First i read ipNetToMediaIfindex and try to find the suited Ifindex with ipNetToMediaPhysAddress. Then i read with the suited Ifindex all ipaddresses. than i call Ifindex.ipadress and try to find the source mac-adress??
Colby Blair about 11 years

Yep. This is a typical database problem too; you have a value (ipNetToMediaPhysAddress) in a table (ipNetToMediaTable) that is not an index. You can't, therefore, use the ipNetToMediaPhysAddress value as an index to find a ipNetToMediaNetA‌‌ddress. Worst case, you'll have to look at every ipNetToMediaNetA‌‌ddress and sift through every ipNetToMediaPhysAddress value. The list is probably not too huge though, so hopefully that's not a problem?
user2260979 about 11 years

Another Question for finding Neighbours with lldp, when i check the neighbours from a switch a (switch a is connected to a router) i got a MAC-Adress from the Router : 12:34:56:DF . But the offical MAC Adress of the Router is 12:34:56:00. Is there any chance to get the offical MAC-Adress from the router with lldp and not the mac adresss from the port x of the router?? Or can i compare 12:34:56:00 with 12:34:56:DF and only look for the first 4 digits (12:34:56) and say its the same Router
Colby Blair about 11 years

I don't think there is any guarantee that you can look at the first octets, MACs can potentially be from different vendors or have whatever numbering scheme the vendor wants. The MAC for the chassis of the switch itself should be in Chassis ID if the chassis id subtype is == MAC. The Port ID TLV is the one that should contain the Port's MAC if its subtype == MAC. You should read the 802.1AB Standard. It probably answers most of the questions you have.
mreaevnia over 10 years

I am also facing this problem, I need to get remote IpAddress, But It gives MAC address, How can we get remote device IpAddress from LLDP MIB, Please help...