This topic has been marked solved and closed to new posts due to inactivity. We hope you'll join the conversation by posting to an open topic or starting a new one.
I am actively monitoring my switch via a telnet/ssh connection. I would like for the switch to report to me, via an unsolicited message to the telnet console, whenever a port link state changes from up to down, or vice versa.
Does anyone have any ideas on how this might be accomplished?
I'm more on the side of schumaku, I'd be interested in what automation system that is, sounds much like it attempts reinventing the wheel.
[...] For that, I need the console to tell me when a port state has changed.
SNMP traps should do exactly that. Netgear switches of that line support both traps and SNMP get/set/walk request.
Netgear hasn't jumped on the bandwagon of integrating APIs into their switches yet. In the meantime SNMP, while old and rather ugly, is present and working (try finding someone who actually likes SNMP...).
Concerning the MAC Address table: I have tried reading the MAC Address table walking BRIDGE-MIB::dot1dTpFdbAddress but it returned not results when, walking, maybe not implemented by Netgear on M4300? Neither NETGEAR-SWITCHING MIB or Q-BRIDGE-MIB which is what I tried as well. You'd have to find out a manner how to obtain the MAC address table globally.
And also if you want to apply configuration, so long as it is only VLANs, that is something that can be done with a RADIUS server that sends the VLAN and the switch assigns it dynamically. Of course that won't automate the rest of the port configuration.
That said, simply turning on debug console, did not send me the port status messages. Do you know off hand which flags need to be set in order for this to show up with debug console turned on? I do not need persistence as I will configure the console each time my system establishes the console connection.
I do have CLI logging enabled which is sent to a syslog mostly for post-mortem. Other than that I only issued "logging console 7" in configure mode then "debug console" in privileged exec mode. Working on a console session that has both debug logging enabled is was definitely not pleasant. See how it spits out outputs in between me entering commands, have fun parsing that correctly while modifying configuration through a remote console programmatically 😉
Am I correctly understanding that you use some sort of remote commands executed through SSH (hopefully not unencrypted telnet, we're in 2019) - like Paramiko or something compareable? Or are you looking for messages being sent to the console when you are logged in (in that case tuning the logs being sent to the console could work)
It also depends whether you are looking for UP/DOWN events on any port or on specific ports.
If you want to monitor specific ports, you could do so by snmpget and identifying the SNMP OID for that port status. I.e. Zabbix (in my case) likely uses the standard MIBs where it first enumerates the available ports then uses (likely IF-MIB) to poll the port status. Depending on your monitoring solution, there might already be compareable checks or templates that poll the port status of all or a given port.
For a more global approach - meaning if you look for UP/DOWN events for any port - you could use SNMP traps sent to a trap receiver which can interpret the traps and look for up/down events. Also a remote syslog server can send such events and parse them somehow. AFAIR UP/DOWN events are logged by default on the M4300 unless you specifically disabled them.
For a more specific answer I'd need some more information on your monitoring and what you exactly want happen when.
I am looking to get the link state messages sent to the console while logged in. I have read through the CLI guide, but cannot find how to "tune" the console messages in such a way as to receive these unsolicited. If you have any pointers toward that goal I would be greatly appreciative.
Well, that's very ugly, neither tunable, nor according to the manual does it survives a reboot a reboot: debug console
I've tried to set 'logging console' and 'logging console 7' which should enable debug logs to the console. However I believe that this applies to the serial console only, not SSH or Telnet console. I did not receive any message over an SSH session shen shutting down a port. I only received such messages when enabling 'debug console' but that sends every - also unrelated log messages - to the console.
I haven't found an equivalent to 'terminal monitor' that would enable such output on remote CLI sessions.
Is there a specific reason you want/need to monitor it this way? Would any of the outlined options be a working alternative?
I don't monitor for specifc up/down events but I do for port flapping and I also keep the message stored on a remote syslog servier some weeks for post mortems when I need to look up when a device started to misbehave for example.
@msi I have an automation system that needs to monitor when certain devices are plugged into certain ports, so it can dynamically configure those devices based on location (which port they connected to). This device can open a telnet or ssh connection to the device and then enter commands and parse responses to take action accordingly. So, once I see that a port that I need to monitor has changed states, I will pull the mac-addr-table so I can determine what happened and then setup the appropriate devices.
I can just periodically pull the mac table, but I would prefer to adjust dynamically. For that, I need the console to tell me when a port state has changed.
That said, simply turning on debug console, did not send me the port status messages. Do you know off hand which flags need to be set in order for this to show up with debug console turned on? I do not need persistence as I will configure the console each time my system establishes the console connection.
I'm more on the side of schumaku, I'd be interested in what automation system that is, sounds much like it attempts reinventing the wheel.
[...] For that, I need the console to tell me when a port state has changed.
SNMP traps should do exactly that. Netgear switches of that line support both traps and SNMP get/set/walk request.
Netgear hasn't jumped on the bandwagon of integrating APIs into their switches yet. In the meantime SNMP, while old and rather ugly, is present and working (try finding someone who actually likes SNMP...).
Concerning the MAC Address table: I have tried reading the MAC Address table walking BRIDGE-MIB::dot1dTpFdbAddress but it returned not results when, walking, maybe not implemented by Netgear on M4300? Neither NETGEAR-SWITCHING MIB or Q-BRIDGE-MIB which is what I tried as well. You'd have to find out a manner how to obtain the MAC address table globally.
And also if you want to apply configuration, so long as it is only VLANs, that is something that can be done with a RADIUS server that sends the VLAN and the switch assigns it dynamically. Of course that won't automate the rest of the port configuration.
That said, simply turning on debug console, did not send me the port status messages. Do you know off hand which flags need to be set in order for this to show up with debug console turned on? I do not need persistence as I will configure the console each time my system establishes the console connection.
I do have CLI logging enabled which is sent to a syslog mostly for post-mortem. Other than that I only issued "logging console 7" in configure mode then "debug console" in privileged exec mode. Working on a console session that has both debug logging enabled is was definitely not pleasant. See how it spits out outputs in between me entering commands, have fun parsing that correctly while modifying configuration through a remote console programmatically 😉
Thank very much!! Turning on logging console (I used 5 instead of 7) give me precisely what I was looking for. I will manage the parsing issues. I am using the Priveleged Exec command "show mac-addr-table" to get a report of which addresses are connected to which ports.
For the interested: the automation system is a Crestron Pro3. It is primarily used in the audio visual industry. This M4300 is a private (completely isolated) AV network switch which hosts AV devices that will not go on the client's corporate LAN, so there is no RADIUS server or any other servers present, for that matter, thus the need for gathering this data directly from a console session. Luckily, my Pro3 will quietly and happily parse through all the less meaningful data and only act upon the relevant mesages that are received -- once my code for that is complete 🙂
Thanks or sharing that somewhat weird system. Anyhow, poking at the datasheet of the Crestron Pro3 it seems it it has some sort of SNMP support, but it doesn't say if can be reached over SNMP or that it can program things with SNMP GET / SET commands.
Well, if that is what you have to work with: Sometimes an ugly way to something is better than no way at all. 😉
