2. In the beginning...
A large, heterogeneous campus network
Norwegian University of Science and Technology, in Trondheim
20,000 students
Student villages connected
11. But?
It's 1999!
Proprietary discovery protocols
LLDP not invented yet
No 802.1X authentication
12. The birth of NAV
Current commercial NMSes tested and rejected
Let's write our own!
Network Administration Visualized was born
Made free in 2004, under a GPL license
13. Approach
Collect SNMP data
IETF MIBs
Vendor proprietary MIBs
Process data
14. First task
Port classification
Uplink/downlink
Access port
How?
It's in the MAC address!
Let's find the MAC addresses of all monitored nodes
15. IP / MAC mappings
Routers know which IP and MAC addresses are associated
ARP for IPv4
ND for IPv6
NAV has the IPs of all switches/routers
16. Interface MAC addresses
Each interface on an Ethernet device has a unique MAC address
These may appear in other switches' forwarding tables
17. Now what?
We know the MAC addresses used by all monitored infrastructure
Let's get the switches' forwarding tables!
18. Getting forward
Infrastructure MAC found on port → Uplink/downlink port
Otherwise → Access port
19. Processing
Multiple adjacency candidates per uplink/downlink must be pruned
Trust data from any port with a single candidate
[Figure: example topology with nodes R, A, B, C, X, Y and Z]
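The classification step of slide 18 and the pruning step of slide 19, as an added example in Python (not NAV's own code): the switch names, ports and MAC addresses are constructed, and the tie-break used to resolve ports with several candidates is an assumption made for this example, not NAV's actual algorithm.

```python
from collections import defaultdict

# Constructed sample: interface MACs of the monitored infrastructure
# (hypothetical values) and forwarding tables as collected via SNMP.
INFRA_MACS = {
    "00:00:00:00:0a:01": "A",
    "00:00:00:00:0b:01": "B",
    "00:00:00:00:0c:01": "C",
}
FDB = {  # switch -> port -> MACs learned on that port
    "A": {"Gi1": {"00:00:00:00:0b:01", "00:00:00:00:0c:01"},  # B, and C behind B
          "Gi2": {"aa:bb:cc:00:00:01"}},                       # an end-user device
    "B": {"Gi1": {"00:00:00:00:0a:01"},
          "Gi2": {"00:00:00:00:0c:01"}},
    "C": {"Gi1": {"00:00:00:00:0b:01", "00:00:00:00:0a:01"}},  # B, and A behind B
}

def classify_ports(fdb, infra_macs):
    """Slide 18: a port that has learned an infrastructure MAC is an
    uplink/downlink, any other port is an access port.
    Returns {(switch, port): (kind, candidate switches or end-user MACs)}."""
    result = {}
    for switch, ports in fdb.items():
        for port, macs in ports.items():
            candidates = {infra_macs[m] for m in macs if m in infra_macs}
            kind = "uplink" if candidates else "access"
            result[(switch, port)] = (kind, candidates or set(macs))
    return result

def prune_adjacencies(classified):
    """Slide 19: trust every uplink/downlink port with a single candidate,
    then resolve multi-candidate ports against those trusted links.
    Tie-break (an assumption for this example, not NAV's algorithm): keep
    the candidate whose own trusted port points back at this switch.
    Returns {(switch, port): neighbour, or None if still ambiguous}."""
    trusted = {key: next(iter(cands)) for key, (kind, cands) in classified.items()
               if kind == "uplink" and len(cands) == 1}
    points_at = defaultdict(set)  # switch -> switches with a trusted link to it
    for (sw, _port), neighbour in trusted.items():
        points_at[neighbour].add(sw)
    adjacency = dict(trusted)
    for key, (kind, cands) in classified.items():
        if kind != "uplink" or key in trusted:
            continue
        direct = cands & points_at.get(key[0], set())
        adjacency[key] = next(iter(direct)) if len(direct) == 1 else None
    return adjacency
```

Access ports never enter the adjacency map; only their learned end-user MACs are kept, which is the data slide 20 logs.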
20. Upshot
Now we also know the switch port and MAC/IP addresses of every end-user
Log them!
22. Cisco Discovery Protocol
Reports adjacent device and port without processing
BUT:
CDP frames are forwarded as regular Ethernet frames through non-CDP switches
Non-CDP switches become “invisible”
[Figure: devices A, B and C]
23. Link Layer Discovery Protocol
Improves on CDP
Uses multicast destination addresses that a standards-conforming Ethernet switch must not forward
Should eliminate the “invisible device problem”
24. Solved challenges
A full layer 2 topology has been obtained
A complete log of end-user connectivity
We can filter outage alerts based on topology
28. What about VLANs?
IEEE 802.1Q
Subsets of layer 2 topology
Need to collect more data!
29. SNMP 802.1Q & 802.1D
Get:
Native VLAN of each switch port
Tagged VLANs on trunk ports
STP blocked VLANs on switch ports
Map VLAN IDs to IP subnets
30. VLAN topology
Each routed VLAN's topology can now be seen as a subset of the layer 2 topology rooted at one or possibly more router ports
34. What else?
There's more to NAV than this
There are always other ways to use this data
35. End-user detention
NAV can help track abusers and restrict access on their switch port:
by shutting it down
or configuring a restricted quarantine VLAN
36. IPv6 deployment stats
IP/MAC mappings include both IPv4 and IPv6 addresses
Can be (and are being) used to generate IPv6 deployment statistics
38. UNINETT's involvement
Saw the potential of NAV as beneficial to the entire HE community
Provided funding for development since 2001
Took control of development in 2006
39. Deployment in Norway
Success in the Norwegian HE community
36 universities and colleges run NAV
Contributions from all major universities
40. Nordic collaboration?
We hope to see a wider Nordic adoption of NAV
Collaboration on development efforts to make it useful for all involved parties
How?
41. In closing...
http://metanav.uninett.no/
morten.brekkevold@uninett.no