Configuring Auto-Discovery Based on SNMP Polling
The Auto-Discovery based on SNMP Polling feature in NetFlow Optimizer (NFO) simplifies the process of adding new devices for SNMP polling by automating the device discovery process. With auto-discovery, administrators can effortlessly identify and onboard SNMP-enabled devices, enhancing network monitoring and management efficiency.
Auto-discovery allows users to define a range of IP addresses or subnets to scan for SNMP-enabled devices. Discovered devices are automatically identified and added to the monitoring system, eliminating the need for manual configuration.
To configure auto-discovery, on the left navigation bar select SNMP Managemnt, and click on > Auto-discovery.
EDFN Agent Configurations
You will be presented with the following configuration screen.
Settings tab
On this screen you can configure the following parameters:
Cron Schedule
Set this parameter to define when to run auto-discovery.
IPv4 devices URL
For IPv4 devices, this optional parameter points to a CSV file containing a list that will be merged with auto-discovered devices. Entries in this list take precedence over any conflicting auto-discovered devices.
For example: file:/opt/flowintegrator/snmp/snmp_devices.csv
Contains:
"### Exporter IPv4","### SNMP Management IPv4","### SNMP Port","### SNMP Credentials ID","### Group","### Comment"
10.1.1.5,10.1.1.5,161,v2c-public,Juniper,"From CSV file"
10.1.1.6,10.1.1.6,161,v2c-public,Cisco,"From CSV file"
IPv6 devices URL
This optional parameter is for IPv6 devices with the same functionality as the IPv4 device list.
Discovery type
This setting determines how devices are discovered:
- Full Scan: Checks all IPs within defined networks (every IP in the subnet/range) using provided credentials. LLDP/CDP seed networks are ignored. The watch list is built based on SNMP responses.
- LLDP/CDP: Checks IPs only in the LLDP/CDP seed networks. Then, it discovers neighbors using LLDP and CDP MIBs. At least one seed network is required for this option.
Regardless of the chosen discovery type, device and device connection information (displayed in the "Devices" and "Device connections" tabs) are always built using LLDP/CDP information (MIBs).
Scan concurrency
Number of devices to scan simultaneously.
SNMP GET retries
Number of times to retry an SNMP GET request in case of initial failure. Setting a higher value might improve success rates, but can slow down discovery.
SNMP GET timeout, msec
Maximum waiting time (milliseconds) for a response to an SNMP GET request. Adjust based on network latency and expected device response times.
Ignore duplicate SNMP agents
Enable/disable deduplication of discovered SNMP agents. This prevents duplicate entries if multiple SNMP versions/communities identify the same device, or if an SNMP agent is accessible through multiple interfaces.
Force include all devices (SNMP troubleshooting)
This option is intended for troubleshooting SNMP credential or configuration issues. Enabling it forces the inclusion of all discovered devices in the list, even if they fail to respond with essential information (sysName, sysObjectID, sysLocation) due to potential SNMP errors. This can help identify devices with invalid credentials or missing OIDs.
Auto-discovery networks tab
On this screen you can configure the following parameters:
Subnet or IP ranges
Enter the subnets or IP address ranges you want to scan for SNMP devices. You can separate them using commas:
- Subnets: Use CIDR notation (e.g., 10.0.0.0/24).
- IP Ranges: Specify a range using a hyphen (e.g., 192.168.1.100 - 192.168.1.200).
- Individual IPs: List individual IP addresses separated by commas.
Port
Define the port number used for SNMP polling (defaults to 161).
Credentials
From a drop-down select the name of credential configured in SNMP Services.
Group (Optional, Highly Recommended)
Assigning devices to groups enables efficient management and optimized polling. By grouping devices based on specific criteria, you can apply tailored OID sets, reducing unnecessary polling requests and improving system performance.
If not specified, auto-discovery will assign the "Organization" group based on device information and utilize default OID sets.
If not specified, auto-discovery will use Private Enterprise Numbers (PENs) from IANA (https://www.iana.org/assignments/enterprise-numbers/) and assign Organization as a Group.
Notes
This field is for your reference only and will not be used during processing. Use it for any additional comments or observations.
LLDP/CDP seed
If checked, the EDFN agent will initiate a scan of the network. It is designed to utilize LLDP and CDP MIBs to traverse and identify neighboring devices within specified networks.
Disable
You can suspend auto-discovery on specific subnets or IP ranges by clicking on Disable checkbox.
Group mapping (PEN override) tab
By default, groups are assigned to devices based on their IANA Organization mapping for the associated Provider Enterprise Number (PEN). This tab allows you to override these default assignments for specific PENs.
Specify the PEN in the first column and the desired group name in the second column. Devices associated with the matching PEN will be assigned to the specified group in NFO, regardless of the IANA Organization mapping.
Exporter IP override tab
This tab allows you to manually override the exporter IP address for specific devices. By default, the exporter IP is automatically determined based on the device's management IP.
Fields:
- Exporter IP address: Specify the desired exporter IP address for the device.
- SNMP Management IP address: Enter the device's SNMP management IP address.
- Notes: Add any additional notes or explanations for the override.
This override is only necessary if the exporter IP address differs from the device's management IP. If both IPs are the same, the default automatic assignment will suffice.
Verifying Configuration
Once you've completed configuration, click Save, then open again and press green Run now button.
You should see the device list and timestamp updated. This indicates successful configuration. The updated list will show newly discovered devices, and the timestamp will reflect the latest discovery run:
Devices list
Click on Devices list.The pop-up screen contains the discovered devices with additional information, such as IP address, Group (Vendor), sysName, and sysLocation as shown below:
You can download this CSV file by clicking on the Download in the upper left corner. This file is also available at:
/opt/nfi-updater/logs/snmp_auto_discovery_devices.csv
Device connections list
Select the Device connections list. It contains device connections based on LLDP/CDP data.
You can download this CSV file by clicking on the Download in the upper left corner. This file is also available at:
/opt/nfi-updater/logs/snmp_auto_discovery_device_connections.csv
Device list for SNMP polling
Device list for SNMP polling is a combined list of devices consisting from auto-discovered devices and manually configured in CSV file.
Click on IPv4 device list to view the list. This list is going to be used for SNMP polling. You can download the list by clicking on Download link in the upper right corner:
Reporting Auto-discovery Topology
To send auto-discovery results as events via NFO outputs, click on the Configure auto-discovery reporting button.
This will open the Auto-discovery Reporter Module configuration page. Default reporting time interval is 1 hour (3600 secs).