5 Replies Latest reply on Feb 2, 2009 11:52 AM by Todd Gould

    IPAM

    Network_Guru

      I've mentioned this in another thread, but I'm throwing it in here for tracking purposes.
      IP Address Management tool has tons of potential if:

      1. It can run as a service (I currently must leave an account logged into the console to keep this app running, as I publish it to the Orion page every 5 minutes).
      2. It can be paused or stopped when adding or editing networks (it hangs the GUI when polling a network)

      These are 2 major enhancements which would put this tool in another class.

      A further enhancement or perhaps a new tool request:

      Ping scan a subnet/network at regular intervals & record the total number of responses, average latency & packet loss in a DB.
      Graph the results similar to Orion charts:

      1. Total number of connected users every 15 minutes
      2. Average latency of all connected nodes/users (and ability to drill down to individual nodes)
      3. Average packet loss of all connected nodes/users (and ability to drill down to individual nodes)

      This could be used to track the number of concurrently connected VPN users, or the number of PC's in a call center environment throughout the day.

        • Re: IPAM
          aLTeReGo

          Those are some really well thought out feature requests. I second them,

          • Re: IPAM
            Todd Gould

            You can use svrany.exe which is part of the windows resource toolkit to turn this in to a service.  I just got this working the other day.  It works for scanning the subnets, but for some reason is not auto publishing. 

            I think to make this a truly powerful tool it needs to be fully supported as a service.  Plus since you can easily prevent pings by blocking them on your personal firewall, it should poll the ARP cache of the router.  This way it would get all connected devices and the MAC addresses.  Then it should use NMAP and DNS so it can get the OS signatures and name of the device.  Put that together with your recomendations and anyone with over 200 users will kill to get there hands on it.

              • Re: IPAM
                Network_Guru


                You can use svrany.exe which is part of the windows resource toolkit to turn this in to a service.  I just got this working the other day.  It works for scanning the subnets, but for some reason is not auto publishing. 

                I think to make this a truly powerful tool it needs to be fully supported as a service.  Plus since you can easily prevent pings by blocking them on your personal firewall, it should poll the ARP cache of the router.  This way it would get all connected devices and the MAC addresses.  Then it should use NMAP and DNS so it can get the OS signatures and name of the device.  Put that together with your recomendations and anyone with over 200 users will kill to get there hands on it.

                 



                It looks like it's in the works Todd.
                The specified item was not found.

                As for scanning the ARP cache of the router, there are 2 things wrong with that.

                1. Using SNMP to query the ARP cache of a large router (Cisco 6513 with hundreds of VLANs and thousands of PCs) causes the CPU to skyrocket to 99%. <show process cpu sort>

                2. Querying the ARP cache will not find every device on the network, since this table is dynamic and the default setting is for entries are removed after 5 minutes. Unless you do a ping scan of all subnets on the router before querying the ARP cache, you will invariably miss some IP's.

                  • Re: IPAM
                    Todd Gould

                    Actually the ARP cache is stored by default for 4 hours.  The CAM or TCAM is timed our after 5 minutes both are configurable.  There are some configurations limiting those specific type of SNMP queries.  Also make sure CEF is on this will help aleviate any CPU problems by processing the queries in hardware.  As a side note we use NCM to inventory the equipment once a month, it walks the ARP cache.  We never had any CPu problems.