
Forum Discussion

Emeyer
Aspirant
Jun 20, 2019
Solved

Telnet - Unsolicited Port Status Messages

Hello There.

 

I am actively monitoring my switch via a telnet/ssh connection. I would like for the switch to report to me, via an unsolicited message to the telnet console, whenever a port link state changes from up to down, or vice versa.

 

Does anyone have any ideas on how this might be accomplished?

 

TIA for any assistance.

 

erik

 

  • msi
    Jun 21, 2019

    Hi


    I'm more on the side of schumaku, I'd be interested in what automation system that is, sounds much like it attempts reinventing the wheel.

     


    [...] For that, I need the console to tell me when a port state has changed.

    SNMP traps should do exactly that. Netgear switches of that line support both traps and SNMP get/set/walk requests.

     

    Netgear hasn't jumped on the bandwagon of integrating APIs into their switches yet. In the meantime SNMP, while old and rather ugly, is present and working (try finding someone who actually likes SNMP...).

     

    Concerning the MAC Address table: I have tried reading the MAC Address table walking BRIDGE-MIB::dot1dTpFdbAddress but it returned no results when walking, maybe not implemented by Netgear on M4300? Neither did NETGEAR-SWITCHING MIB nor Q-BRIDGE-MIB, which is what I tried as well. You'd have to find out a way to obtain the MAC address table globally.

    And also if you want to apply configuration, so long as it is only VLANs, that is something that can be done with a RADIUS server that sends the VLAN and the switch assigns it dynamically. Of course that won't automate the rest of the port configuration.

     


    That said, simply turning on debug console, did not send me the port status messages. Do you know off hand which flags need to be set in order for this to show up with debug console turned on? I do not need persistence as I will configure the console each time my system establishes the console connection.

    I do have CLI logging enabled which is sent to a syslog mostly for post-mortem. Other than that I only issued "logging console 7" in configure mode then "debug console" in privileged exec mode. Working on a console session that has both debug logging enabled was definitely not pleasant. See how it spits out outputs in between me entering commands, have fun parsing that correctly while modifying configuration through a remote console programmatically ;-)

     

     

     

    (sw-<removed>) (Interface 1/0/1)#shutdown
    (sw-<removed>) (Interface 1/0/1)#
    <13>1 <timedate-removed>:51.862Z sw-<removed>-1 CMDLOGGER emWeb - : cmd_logger_api.c(83) 564865 %% CLI:<ip-removed>:<user-removed>:shutdown
    <15>1 <timedate-removed>:52.109Z sw-<removed>-1 DRIVER bcmLINK.1 - : broad_link.c(83) 564866 %% HAPI LS callback, u 1. p 2
    <13>1 <timedate-removed>:52.120Z sw-<removed>-1 TRAPMGR trapTask - : traputil.c(753) 564867 %% Link Down: 1/0/1
    [...]
    no shutdown
    
    (sw-<removed>) (Interface 1/0/1)#
    <13>1 <timedate-removed>:54.918Z sw-<removed>-1 CMDLOGGER emWeb - : cmd_logger_api.c(83) 564869 %% CLI:<ip-removed>:<user-removed>:no shutdown
    <13>1 <timedate-removed>:56.145Z sw-<removed>-1 TRAPMGR PoE Req - : traputil.c(795) 564870 %% PoE: 1/0/1     power downn
    [2 other messages]
    
    (sw-<removed>) (Config)#
    <13>1 <timedate-removed>:58.990Z sw-<removed>-1 CMDLOGGER emWeb - : cmd_logger_api.c(83) 564873 %% CLI:<ip-removed>:<user-removed>:exit
    exit
    
    (sw-<removed>) #
    <13>1 <timedate-removed>:00.952Z sw-<removed>-1 CMDLOGGER emWeb - : cmd_logger_api.c(83) 564874 %% CLI:<ip-removed>:<user-removed>:exit
    <15>1 <timedate-removed>:01.277Z sw-<removed>-1 DRIVER bcmLINK.1 - : broad_link.c(83) 564875 %% HAPI LS callback, u 1. p 2
    <13>1 <timedate-removed>:01.284Z sw-<removed>-1 TRAPMGR trapTask - : traputil.c(753) 564876 %% Link Up: 1/0/1
    <13>1 <timedate-removed>:01.365Z sw-<removed>-1 TRAPMGR PoE Req - : traputil.c(795) 564877 %% PoE: 1/0/1     power up

     

     

     

     

8 Replies

  • Am I correctly understanding that you use some sort of remote commands executed through SSH (hopefully not unencrypted telnet, we're in 2019) - like Paramiko or something comparable? Or are you looking for messages being sent to the console when you are logged in (in that case tuning the logs being sent to the console could work)


    It also depends whether you are looking for UP/DOWN events on any port or on specific ports.

     

    If you want to monitor specific ports, you could do so by snmpget and identifying the SNMP OID for that port status. I.e. Zabbix (in my case) likely uses the standard MIBs where it first enumerates the available ports then uses (likely IF-MIB) to poll the port status. Depending on your monitoring solution, there might already be comparable checks or templates that poll the port status of all or a given port.

     

    For a more global approach - meaning if you look for UP/DOWN events for any port - you could use SNMP traps sent to a trap receiver which can interpret the traps and look for up/down events. Also a remote syslog server can send such events and parse them somehow. AFAIR UP/DOWN events are logged by default on the M4300 unless you specifically disabled them.

     

    For a more specific answer I'd need some more information on your monitoring and what you exactly want to happen when.

    • Emeyer
      Aspirant

      msi Thanks for the reply.

       

      I am looking to get the link state messages sent to the console while logged in. I have read through the CLI guide, but cannot find how to "tune" the console messages in such a way as to receive these unsolicited. If you have any pointers toward that goal I would be greatly appreciative.

      • msi
        Luminary

        Well, that's very ugly, neither tunable, nor, according to the manual, does it survive a reboot: debug console


        I've tried to set 'logging console' and 'logging console 7' which should enable debug logs to the console. However I believe that this applies to the serial console only, not SSH or Telnet console. I did not receive any message over an SSH session when shutting down a port. I only received such messages when enabling 'debug console' but that sends every - also unrelated log messages - to the console.

         

        I haven't found an equivalent to 'terminal monitor' that would enable such output on remote CLI sessions.

         

        Is there a specific reason you want/need to monitor it this way? Would any of the outlined options be a working alternative?

         

        I don't monitor for specific up/down events but I do for port flapping and I also keep the message stored on a remote syslog server some weeks for post mortems when I need to look up when a device started to misbehave for example.
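
An added example, not part of any post in this thread and not NETGEAR code: a Python filter that pulls only the TRAPMGR `Link Up` / `Link Down` records out of a noisy `debug console` or syslog capture like the one quoted in the accepted answer, and flags ports that flap. The sample capture, the hostname `sw-lab-1`, the function names and the thresholds are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed capture modelled on the console output quoted in this thread;
# hostname, address, user, dates and sequence numbers are made up.
SAMPLE = """\
(sw-lab) (Interface 1/0/1)#shutdown
<13>1 2019-06-21T10:15:51.862Z sw-lab-1 CMDLOGGER emWeb - : cmd_logger_api.c(83) 564865 %% CLI:192.0.2.10:admin:shutdown
<13>1 2019-06-21T10:15:52.120Z sw-lab-1 TRAPMGR trapTask - : traputil.c(753) 564867 %% Link Down: 1/0/1
<13>1 2019-06-21T10:16:01.284Z sw-lab-1 TRAPMGR trapTask - : traputil.c(753) 564876 %% Link Up: 1/0/1
<13>1 2019-06-21T10:16:01.365Z sw-lab-1 TRAPMGR PoE Req - : traputil.c(795) 564877 %% PoE: 1/0/1     power up
<13>1 2019-06-21T10:16:03.000Z sw-lab-1 TRAPMGR trapTask - : traputil.c(753) 564880 %% Link Down: 1/0/1
<13>1 2019-06-21T10:16:04.500Z sw-lab-1 TRAPMGR trapTask - : traputil.c(753) 564881 %% Link Up: 1/0/1
"""

# Anchored at line start and on the TRAPMGR component, so a command string
# logged inside a CMDLOGGER "CLI:" record is not mistaken for a link event.
LINK_RE = re.compile(
    r"\s*<\d+>1 (?P<ts>\S+) (?P<host>\S+) TRAPMGR .*?%% "
    r"Link (?P<state>Up|Down): (?P<port>\S+)\s*$"
)

def link_events(stream):
    """Return (time, host, port, state) for each link change in a capture."""
    events = []
    for line in stream.splitlines():
        m = LINK_RE.match(line)
        if m:
            ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%S.%fZ")
            events.append((ts, m["host"], m["port"], m["state"]))
    return events

def flapping_ports(events, min_changes=3, window=timedelta(seconds=30)):
    """Return {(host, port)} with at least min_changes changes inside window."""
    stamps = defaultdict(list)
    for ts, host, port, _state in events:
        stamps[(host, port)].append(ts)
    flapping = set()
    for key, times in stamps.items():
        times.sort()
        for i in range(len(times) - min_changes + 1):
            if times[i + min_changes - 1] - times[i] <= window:
                flapping.add(key)
                break
    return flapping

if __name__ == "__main__":
    print(link_events(SAMPLE), flapping_ports(link_events(SAMPLE)))
```

The same filter works on lines read from a remote syslog file, which avoids parsing log records interleaved with prompts on an interactive session.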
