[SOLVED] Cisco Discovery Protocol linux client?

szboardstretcher · 01-25-2011, 01:14 PM

Wondering how to query a Cisco switch for its CDP information from linux?

tommylovell · 01-25-2011, 02:11 PM

Do you want to listen to the cdp information that is flowing on the network or extract the cdp info from the devices you discover.

If the former, all you'll see is the data from your local switch or router. Your question sounds like you are looking for the latter.

If the latter, I've attached a perl program that I used in a prior job that would collect all of the cdp info so that I could create a network topology in a modeling program. (Rename the file to remove the .txt suffix that was required for upload.)

I can't find the original source code from the original author, but this modified copy worked quite well for me.

The one caveat is that the Cisco devices may be set up to restrict access to cdp data. My former employer's audit department had instructed the network engineers to do just that. I left just in time.

If you can't get to the cdp mibs with a "mib walker" you won't be able to get them with this perl program.

hope this helps.

szboardstretcher · 01-25-2011, 02:19 PM

Do you have a sample configuration file for this?

------ Previous issues kept for archive

This seems to be what I am looking for. In the first few lines though, it states:

Quote:

use lib '/home/trlove/modules';

# This program requires Perl v5.005_02 or above and 3 perl modules: BER.pm,
# SNMP_Session.pm and SNMP_util.pm

I have all of these installed and up to date using CPAN-- commands to do that:

Quote:

perl -MCPAN -e "install Convert::BER"
perl -MCPAN -e "install POE::Component::SNMP::Session"
perl -MCPAN -e "install SNMP::Util"

To get this to work, i had to go to the /usr/lib/perl5/ directory and search for Util.pm, copy it to /home/trlove/modules, and also SNMP.pm to /home/trlove/modules

The error previous to that was:

Quote:

Can't locate SNMP_util.pm in @INC (@INC contains: /home/trlove/modules /usr/lib64/perl5/site_perl/5.8.8/x86_64-linux-thread-multi /usr/lib/perl5/site_perl/5.8.8 /usr/lib/perl5/site_perl /usr/lib64/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.8 /usr/lib/perl5/vendor_perl /usr/lib64/perl5/5.8.8/x86_64-linux-thread-multi /usr/lib/perl5/5.8.8 .) at ./cdp.pl line 45.

cd /; find . -name SNMP_util.pm - Returns nothing.

/usr/lib/perl5/site_perl/5.8.8/SNMP/Util.pm seems close, but the script doesn't seem to be looking for this filename

Now i have the modules sorted out, but am getting this error:

Quote:

/cdp.pl
"my" variable $value masks earlier declaration in same statement at /home/trlove/modules/SNMP_util.pm line 804.
"my" variable @oid_names masks earlier declaration in same statement at /home/trlove/modules/SNMP_util.pm line 1636.
Name "SNMP_Session::suppress_warnings" used only once: possible typo at ./cdp.pl line 56.
[Warning] No configuration file or incorrect file name, use default
End of discovery run.

---------- Statistics Information ----------
CDP capable discovered: 0
non-CDP capable discovered: 0
Time elapsed: 0.070

tommylovell · 01-25-2011, 02:51 PM

Oops. Sorry. Remove that line. That was where I downloaded required module to, from CPAN. (I didn't have any authority to install modules into the standard Perl location, as I was just an unprivileged user.)

I think the three modules that are needed, BER.pm, SNMP_Session.pm and SNMP_util.pm, all came from CPAN.org.

tommylovell · 01-25-2011, 11:16 PM

I guess a comment in package POE::Component::SNMP::Session says it best

Quote:

NOTE: the Perl support for net-snmp is NOT installable via CPAN. On
most linux distros, it is usually available as a companion package to
net-snmp. ...

When I originally ran this years ago I could not install in the libraries in the @INC path so that is why I had to use 'use lib' and a private library, "/home/trlove/modules". That 'use lib' should be unnecessary.

I found on my Fedora 14 system that if I did a 'yum install net-snmp-perl' (not certain if this is needed); a 'yum install perl-Net-SNMP'; and a 'yum install perl-SNMP_Session', I could run cdp.pl and get the same results as you.

Code:

[root@athlon ~]# ./cdp.pl 
"my" variable $value masks earlier declaration in same statement at /usr/local/share/perl5/SNMP/Util.pm line 804.
"my" variable @oid_names masks earlier declaration in same statement at /usr/local/share/perl5/SNMP/Util.pm line 1636.
Name "SNMP_Session::suppress_warnings" used only once: possible typo at ./cdp.pl line 57.
[Warning] No configuration file or incorrect file name, use default
End of discovery run.

---------- Statistics Information ----------
CDP capable discovered: 0
non-CDP capable discovered: 0
Time elapsed:  0.160
[root@athlon ~]#

The first three lines of output are probably because the underlying modules have changed since this was written. I'll need to look into this. (Or maybe some Perl guru will see this and say what is going wrong.)

The fourth line, "[Warning] No configuration file or incorrect file name, use default" is emitted from the subroutine initConf (near line 522).
It's saying that there isn't a config file. By default it is '/etc/cdp_conf.txt' or 'cdp_conf.txt' in your current directory.

When I add that file to my current directory and seed it with a starting ip address of 192.168.1.1, I get one step further and then it bombs.

Code:

[root@athlon ~]# ./cdp.pl
"my" variable $value masks earlier declaration in same statement at /usr/local/share/perl5/SNMP/Util.pm line 804.
"my" variable @oid_names masks earlier declaration in same statement at /usr/local/share/perl5/SNMP/Util.pm line 1636.
Name "SNMP_Session::suppress_warnings" used only once: possible typo at ./cdp.pl line 57.
[0 main] Processing: 192.168.1.1
Undefined subroutine &main::snmpget called at ./cdp.pl line 291.
[root@athlon ~]#

I yum installed 'perl-POE-Component-SNMP' (and its 20 dependencies) thinking that this might make a difference. Same results.

I'll look at this further in the morning. It's past midnight and my brain is shutting down.

btw, I don't have any Cisco gear at home, so I can only test this so far, but hopefully I can at least get it to run cleanly.

tommylovell · 01-26-2011, 09:23 AM

Well, here's some sloppy code.
Well, here's some sloppy code...

Code:

sub get_set_restore {
    my($self, $range, @oid_list) = @_;
    my(
       $IP,
       $value,
       $oid,
       $value,
       $value_hi,
       $value_lo,
       @range,
       @restore_oid_list,
       @set_oid_list,
       @value_array,
       );

and

Code:

sub set_list_to_names_and_oids{
    my($args) = @_;
    my(
       $index,
       $i,
       $instance,
       $name,
       $oid,
       $type,
       $value,
       $temp_value,
       $oid_name,
       @oid_names,
       @oids,
       @oid_names,
       $name_indexed,
       $start_index,
       $hash,
       @args,
       );

I commented out each of the duplicated lines, so now it runs cleanly but there is nothing to discover in my home network.
I loaded up the cdp_conf.txt file with non Cisco IP addresses,

Code:

[root@athlon ~]# cat cdp_conf.txt 
192.168.1.1
192.168.1.50
192.168.1.51
192.168.1.93
192.168.1.94
192.168.1.103
[root@athlon ~]#

Ran it...

Code:

[root@athlon ~]# ./cdp.pl 
[0 main] Processing: 192.168.1.1
[openSNMPSession] Failed to connect to 192.168.1.1
openSNMPSession failed: IP=192.168.1.1
[0 main] Processing: 192.168.1.50
PRINT SERVER PS-6E2DF2
[cdp_fetch] ip=192.168.1.50 

     [cdp_fetch] can not retrieve cdp from this host
[0 main] fetchCDP failed: 192.168.1.50; putting in retry list
[1 main] Processing: 192.168.1.51
[openSNMPSession] Failed to connect to 192.168.1.51
openSNMPSession failed: IP=192.168.1.51
[1 main] Processing: 192.168.1.93
[openSNMPSession] Failed to connect to 192.168.1.93
openSNMPSession failed: IP=192.168.1.93
[1 main] Processing: 192.168.1.94
[openSNMPSession] Failed to connect to 192.168.1.94
openSNMPSession failed: IP=192.168.1.94
[1 main] Processing: 192.168.1.103
[openSNMPSession] Failed to connect to 192.168.1.103
openSNMPSession failed: IP=192.168.1.103
End of discovery run.

---------- Statistics Information ----------
CDP capable discovered: 1
non-CDP capable discovered: 5
Time elapsed:  0.140
[root@athlon ~]# 
[root@athlon ~]#

Oddly enough, it thinks my print server is cdp capable...

I can't run it in work. I'm a Linux engineer and this would really exceed my job function and probably would be viewed as a hacking/intrusion attempt... There is zero tolerance for experimentation if it's outside of our job function, i.e. grounds for termination.

Have you seeded it with a starting Cisco device IP address and gotten it to discover other Cisco devices?

eggsome · 06-29-2023, 11:48 PM

I was trying to query CDP info on a low spec netbook today and came across this post.
The perl solutions elsewhere in this thread were a bit complex/heavy for my situation, but I found this:
https://github.com/yurividal/tuxCDP/

You only need to have tcpdump and awk installed - worked great for me (and the coloured text output was a nice touch).