Open for Voting

Support for ARP collection from VRF/MPLS routing instances

We make extensive use of VRFs to segregate subnetworks according to the network policies in effect. Subnetworks within a VRF can communicate (fairly) unfettered, but to cross between VRFs traffic has to (normally) pass through a policy device. VRF-Lite merges all of the information into a common set of tables, but in a full VRF network things like the ARP and Routing tables are completely segregated by the routing instance. This allows traffic to get high-speed routing between networks with a common security profile, and consistently apply the right set of policy devices.

Here is an sample of some of the VRFs we operate ( from a Juniper router)

SNMPv2-SMI::enterprises.2636.3.26.1.2.1.5.2.2.97.99 = STRING: "ac"

SNMPv2-SMI::enterprises.2636.3.26.1.2.1.5.2.2.102.110 = STRING: "fn"

SNMPv2-SMI::enterprises.2636.3.26.1.2.1.5.2.2.114.104 = STRING: "rh"

SNMPv2-SMI::enterprises.2636.3.26.1.2.1.5.2.2.117.119 = STRING: "uw"

SNMPv2-SMI::enterprises.2636.3.26.1.2.1.5.2.4.109.103.109.116 = STRING: "mgmt"

SNMPv2-SMI::enterprises.2636.3.26.1.2.1.5.2.4.116.101.115.116 = STRING: "test"

SNMPv2-SMI::enterprises.2636.3.26.1.2.1.5.2.4.117.119.116.118 = STRING: "uwtv"

SNMPv2-SMI::enterprises.2636.3.26.1.2.1.5.2.4.118.111.105.112 = STRING: "voip"

SNMPv2-SMI::enterprises.2636.3.26.1.2.1.5.2.4.119.105.102.105 = STRING: "wifi"

So, when a router is in MPLS mode some of the tables are global, others may be scoped by router instance, as described in this document:

http://www.juniper.net/techpubs/en_US/junos12.1/topics/concept/understanding-snmp-support-for-routing-instances-junos-nm.html

To access the ARP tables for the ac routing instance then the snmp community is 'ac@community'

I'd like UDT to be enhanced to maintain a list of VRFs to scan for ARP data, and prepend vrf@ to the community when retrieving data separated by instance.

Thanks

/RjL

Parents Comment Children
No Data