12

How do I do community string Indexing for other switches like D link DES 3526 and Brocade Fastiron SX800?

I am running a java program to poll a specific vlan on a Brocade sx 800 l3 switch. The program throws a "Time out error". I then checked the switch log , which says community string invalid. I'm having trouble with the syntax "community@vlanid".

Displaying all Vlans and their names:

Displaying all Vlans and their names

Could someone please tell me the community string indexing for switches other than Cisco?

EDIT

I tried the commands in CLI with Net-SNMP:

Poll sysDescr:

snmpwalk -v 2c -c public 10.21.200.4 1.3.6.1.2.1.1.1
SNMPv2-MIB::sysDescr.0 = STRING: DES-3526 Fast-Ethernet Switch

Poll dot1dTpFdbAddress (default Vlan):

snmpbulkwalk -v 2c -c public 10.21.200.4 1.3.6.1.2.1.17.4.3.1.1
SNMPv2-SMI::mib-2.17.4.3.1.1.0.27.17.189.90.220 = Hex-STRING: 00 1B 11 BD 5A DC
SNMPv2-SMI::mib-2.17.4.3.1.1.4.254.127.149.86.136 = Hex-STRING: 04 FE 7F 95 56 88

Poll dot1dTpFdbAddress (default Vlan4):

snmpbulkwalk -v 2c -c public@4 10.21.200.4 .1.3.6.1.2.1.17.4.3.1.1
Timeout: No Response from 10.21.200.4

Netdisco listing all ports and corresponding MAC addresses Netdisco listing all ports and corresponding MAC addresses

I want to retrieve all MAC addresses from individual ports. The Q-Bridge MIB shows all the ports on the switch but unfortunately the MAC address OID is not accessible. On the other hand, using the Bridge MIB lists only MAC addresses from the default Vlan. P.S: the community string indexing ( coommstring@vlanid ) to access other vlans only works with CISCO switches.

Improve this question
5
  • Which OIDs are you polling? FYI, other than BRIDGE-MIB or Q-BRIDGE-MIB, I cannot think of OIDs which require indexing with vlan id
    – Mike Pennington
    Commented Jan 29, 2014 at 11:22
  • Yes,the Bridge MIB only. I am trying to poll dot1dTpFdbAddress to retrieve the MAC Table from a specific Vlanid (vlan:4) on the Brocade SX 800 switch (OID : 1.3.6.2.3.1.17.4.3.1.1 ). I believe there is an error in the syntax public@4 .Can you pls clarify that?
    – Abhishek Balaji R
    Commented Jan 29, 2014 at 11:31
  • 1
    Diagnostic test... Does polling sysdescr work? snmpget -v 2c -c public [SWITCH-ADDRESS-HERE] .1.3.6.1.2.1.1.1.0
    – Mike Pennington
    Commented Jan 29, 2014 at 11:56
  • Yes it worked. I could retrieve the list of available vlans on the Sx 800 switch. I could also get the MAC table for the default Vlanid , which in my case is vlanid 1. The problem is retrieving MAC tables from other Vlans. FYI I am coding in Java environment ( SNMP4j). Thank you.
    – Abhishek Balaji R
    Commented Jan 29, 2014 at 12:03
  • Now let's validate that the switch is behaving. Please try this (from the CLI with Net-SNMP), snmpbulkwalk -v 2c -c public@4 [SWITCH-ADDRESS-HERE] .1.3.6.1.2.1.17.4.3.1.1. Does that return what you need?
    – Mike Pennington
    Commented Jan 29, 2014 at 12:19

1 Answer 1

Reset to default
7

Could someone please tell me the community string indexing for switches other than Cisco?

Edit:

This is how to poll Q-BRIDGE-MIB for mac-addresses from the only non-Cisco I have, a DLink DGS-3200. I'm not using [community@vlan] for non-Cisco switches. You're correct that this indexing only applies to Ciscos. I expect any non-Cisco switch, which supports Q-BRIDGE-MIB to work the same way.

Polling sysDescr to document the switch under test

[mpenning@tsunami ~]$ # Demo from a DLink DGS-3200 switch
[mpenning@tsunami ~]$ snmpbulkwalk -v 2c -c public -OXsq 172.16.1.2 sysdescr
sysDescr.0 "DGS-3200-10 Gigabit Ethernet Switch"
[mpenning@tsunami ~]$

Walking dot1qVlanStaticName: List Vlans and their text names

[mpenning@tsunami ~]$
[mpenning@tsunami ~]$ snmpbulkwalk -v 2c -c public 172.16.1.2 .1.3.6.1.2.1.17.7.1.4.3.1.1
BRIDGE-MIB::dot1dBridge.7.1.4.3.1.1.1 = STRING: "default"
[mpenning@tsunami ~]$

dot1qFdbDynamicCount: Number of mac addresses known

[mpenning@tsunami ~]$ 
[mpenning@tsunami ~]$ snmpbulkwalk -v 2c -c public  172.16.1.2 .1.3.6.1.2.1.17.7.1.2.1.1.2
BRIDGE-MIB::dot1dBridge.7.1.2.1.1.2.1 = Counter32: 17
[mpenning@tsunami ~]$

dot1qVlanCurrentEgressPorts: bitmap of ports in the vlan

[mpenning@tsunami ~]$ 
[mpenning@tsunami ~]$ snmpbulkwalk -v 2c -c public 172.16.1.2 .1.3.6.1.2.1.17.7.1.4.2.1.4
BRIDGE-MIB::dot1dBridge.7.1.4.2.1.4.2562.1 = Hex-STRING: FF C0 00 00
[mpenning@tsunami ~]$

dot1qTpFdbPort: All MAC Addresses learned

The mac-addresses show up as a string of six decimal digits in the indexes to dot1qTpFdbPort. Note that I have a downstream switch connected to this switch on port 1/5...

[mpenning@tsunami ~]$ 
[mpenning@tsunami ~]$ snmpbulkwalk -v 2c -c public 172.16.1.2 .1.3.6.1.2.1.17.7.1.2.2.1.2
BRIDGE-MIB::dot1dBridge.7.1.2.2.1.2.1.0.13.101.22.202.65 = INTEGER: 5
BRIDGE-MIB::dot1dBridge.7.1.2.2.1.2.1.0.13.189.7.134.128 = INTEGER: 5
BRIDGE-MIB::dot1dBridge.7.1.2.2.1.2.1.0.13.189.7.134.129 = INTEGER: 5
BRIDGE-MIB::dot1dBridge.7.1.2.2.1.2.1.0.29.161.205.83.70 = INTEGER: 9
BRIDGE-MIB::dot1dBridge.7.1.2.2.1.2.1.0.48.27.188.167.215 = INTEGER: 2
BRIDGE-MIB::dot1dBridge.7.1.2.2.1.2.1.0.192.183.110.158.29 = INTEGER: 3

... more entries here
[mpenning@tsunami ~]$

dot1dBasePortIfIndex: Map values from dot1qTpFdbPort to an ifIndex

[mpenning@tsunami ~]$ snmpbulkwalk -v 2c -c public -OXsq 172.16.1.26 .1.3.6.1.2.1.17.1.4.1.2
dot1dBasePortIfIndex[1] 1
dot1dBasePortIfIndex[2] 2
dot1dBasePortIfIndex[3] 3
dot1dBasePortIfIndex[4] 4
dot1dBasePortIfIndex[5] 5
dot1dBasePortIfIndex[6] 6
dot1dBasePortIfIndex[7] 7
dot1dBasePortIfIndex[8] 8
dot1dBasePortIfIndex[9] 9
dot1dBasePortIfIndex[10] 10

ifName: Map values from ifIndex to an ifName

[mpenning@tsunami ~]$ snmpbulkwalk -v 2c -c public -OXsq 172.16.1.26 ifName
ifName[1] 1/1
ifName[2] 1/2
ifName[3] 1/3
ifName[4] 1/4
ifName[5] 1/5
ifName[6] 1/6
ifName[7] 1/7
ifName[8] 1/8
ifName[9] 1/9
ifName[10] 1/10
ifName[5121] System
[mpenning@tsunami ~]$

ORIGINAL:

There is a mistake in your OID, you're using 1.3.6.2.3.1.17.4.3.1.1; however, dot1dTpFdbAddress is 1.3.6.1.2.1.17.4.3.1.1.

The difference is changing some octets, below...

OID Incorrect: 1.3.6.2.3.1.17.4.3.1.1   <--- Not this
OID Corrected: 1.3.6.1.2.1.17.4.3.1.1   <--- Use this
                     ^ ^
                     | |
Improve this answer
8
  • the following command returns nothing snmpwalk -c public -v1 netgearpt01 .1.3.6.1.2.1.17.4.3.1.1 i am trying to achieve cisco.com/c/en/us/support/docs/ip/… on a netgear gs752txs. that guide works for a netgear gsm7328s with v2c i get the following snmpwalk -c public -v2c netgearpt01 .1.3.6.1.2.1.17.4.3.1.1 SNMPv2-SMI::mib-2.17.4.3.1.1 = No Such Instance currently exists at this OID
    – shorif2000
    Commented Mar 6, 2014 at 14:21
  • @sharif, what happens when you poll snmpwalk -v 2c -c public netgearpt01 .1.3.6.1.2.1.1.1? That just gets sysDescr from the switch.
    – Mike Pennington
    Commented Mar 6, 2014 at 14:35
  • yes it does. i get SNMPv2-MIB::sysDescr.0 = STRING: GS752TXS ProSafe 52-Port Gigabit Stackable Smart Switch with 10G uplinks, 6.1.0.12, B5.2.0.1. Say i have a network of switches. i want to locate what swictch and prot it is connected to currently. mac address is 00:04:f2:e2:67:62. running snmpwalk -v 2c -c public netgearpt02 .1.3.6.1.2.1.17.7.1.2.2.1.2 gives a me a long list. how would i convert the mac address to the 6 digit hex number to find out what port it is on? netgearpt02 is my top level switch
    – shorif2000
    Commented Mar 6, 2014 at 14:47
  • Consider the first value returned above when I walked dot1qTpFdbPort ; the first entry I got was BRIDGE-MIB::dot1dBridge.7.1.2.2.1.2.1.0.13.101.22.202.65 = 5 back. 0.13.101.22.202.651 is the mac-address encoded as decimal (i.e. 00:13:65:16:ca:41). That is learned on dot1dBasePortIfIndex 5, which of course maps to an ifName as shown above.
    – Mike Pennington
    Commented Mar 6, 2014 at 15:00
  • 1
    50 is the port index. Otherwise the algorithm you described works. You should ping sweep the subnet before polls to ensure maximum macs in the switch table.
    – Mike Pennington
    Commented Mar 6, 2014 at 15:14

Not the answer you're looking for? Browse other questions tagged or ask your own question.