Is nodealias coming to XOS ?

  • 0
  • 1
  • Question
  • Updated 2 years ago
  • Answered
I have used netsight almost everyday for the last 5 years to manage our network. Compass and nodealias was one of my best tools to trace workstations/printers/servers using mac address or ip address to ports with ease.

Now that we a migrating our enterasys xos c3/c5 fleet to x460-g2s I am getting frustrated that I cannot search for devices like i used to.

fdb is only helpfull up to a point, the entry times out after the device looses connection with the network.
Photo of Tino

Tino

  • 656 Points 500 badge 2x thumb
  • frustrated

Posted 2 years ago

  • 0
  • 1
Photo of Bill Stritzinger

Bill Stritzinger, Alum

  • 6,036 Points 5k badge 2x thumb
Tino, 

As you move into XOS, you can enable identity manager on the switch to provide Netsight the same information (MAC, IP and User Name).  If you are running the Netsight 6.3 or later there is a new option in "Scripting" and then selecting "Identity and Access". -> "Identity Management - Configuration" -  If you run the script, select the switches you want to enable on --> You fill out the user/pass for your Netsight server. set the ports (end user ports only) and set the virtual-router (usually vr-default).  Run the script and it will setup IDM on the XOS switch and then push end-station information directly into Netsight and consequently be able to search in Compass.  if you want to see it on the switch, run the command "show identity-management entries".  If you are running version 21.1.x you will need 21.2 as some change in 21.1 and ssh broke the interface.  You can see if the switch is talking to Netsight by using the command "show xml-notification status" - if connected you are good.

Give it a shot and let me know if you have a questions.

Bill
Photo of James A

James A, Embassador

  • 6,962 Points 5k badge 2x thumb
I found this KB in the weekly new GTAC knowledge articles post which covers this in more detail.

Personally I use NAC for this since I've turned on MAC auth for all switch ports.
Photo of Tino

Tino

  • 656 Points 500 badge 2x thumb
Thank you for that.
Photo of Tino

Tino

  • 656 Points 500 badge 2x thumb
I will give this a go and feed back. Thank you very much for the prompt awnser.
Photo of M.Nees

M.Nees, Embassador

  • 9,414 Points 5k badge 2x thumb
Hi,
nodealias is a very good and easy mechanism on EOS Switches to provide MAC / IP / Hostname (via Compass and NAC).

Identity Manager on EXOS is compareable but have one bid disadvantage! EXOS need absolutely an IP Address on every vlan (where information will snooped). in a standard config a L2 switch does NOT have IPs in all VLANs. And the most customers are not willing to give all L2 Switches IPs in all VLANs.

So from this point of view i hope (and wait) that Extreme will implement / enhance IM in the same way as EOS nodealias will getting this information!


Regards
Photo of Tino

Tino

  • 656 Points 500 badge 2x thumb
Bill do you know when 21.2 is being release ... I am runnning 21.1.1.4 patch 5
Photo of Tino

Tino

  • 656 Points 500 badge 2x thumb
According to Bill If you are running version 21.1.x you will need 21.2 as some change in 21.1 and ssh broke the interface.
Photo of Bill Stritzinger

Bill Stritzinger, Alum

  • 6,036 Points 5k badge 2x thumb
In 21.1-patch1-5 there is a bug with XML notification (requiring SSH) that is fixed in 21.2 or a later patch.
Photo of Tino

Tino

  • 656 Points 500 badge 2x thumb
thanks Bill, do we know when that will be available as I can only see 21.1-patch1-5
Photo of Thomas, Ken

Thomas, Ken, Alum

  • 4,368 Points 4k badge 2x thumb
Tino, 21.2.1 has a tentative planned target date of sometime in November, which is subject to change. If you are not already, please sign up for notifications via the Extreme Networks Notifications Service and pick the items you want to be updated on, in this case the ExtremeXOS operating system. Then you will get emailed when the new release comes out.
Photo of Tino

Tino

  • 656 Points 500 badge 2x thumb
Nice! While I was there I signed up for netsight and analytics as well.

Thanks for the update.
Photo of JS

JS, Employee

  • 630 Points 500 badge 2x thumb
with IDM, if you are after IP-MAC binding without an IP address on the vlan interface [e.g. without leveraging the ARP table of the switch], enabling DHCP snooping [part of IP security] should do the trick.

The following table in the 21.1 userguide [Table 86: Identity (User/Device) Attributes and Source Software Components] provides which features can be leveraged to get specific information.

note that you can be in 15.x and still leverage DHCP snooping to get the IP-MAC binding.
Having an IP interface on the vlan should not be necessary.
Photo of M.Nees

M.Nees, Embassador

  • 9,310 Points 5k badge 2x thumb
Nice trick to use DHCP snooping to get this information! That really new to me!

But at my last 2 customer szenarios i have manufacturing systems with static IPs. This lead that IDM doesn not see anything.

If i understand EOS nodealias correctly looks in some special parts of the packet header and gather the needed information like IP / MAC / Hostname. That work nearly everywhere - there is nothing to keep in mind - it will be very nice of IDM will can do that in the same way in a near furture version!

Regards
Photo of Jeremy

Jeremy, Embassador

  • 9,788 Points 5k badge 2x thumb
Any update on this...? 
Photo of Hagemann, Olaf

Hagemann, Olaf, Employee

  • 1,306 Points 1k badge 2x thumb
There is an open feature request for this.
Photo of Jan Steinbach

Jan Steinbach

  • 1,156 Points 1k badge 2x thumb
https://community.extremenetworks.com/extreme/topics/extremexos-22-2-is-now-available

Enhance Ease of Use & Serviceability Capabilities
  • Node Alias MIB
    Discovery of end systems' VLANID, Source MAC, Source IP, Protocol etc. on a per-port basis.
Photo of Tino

Tino

  • 656 Points 500 badge 2x thumb
Nice! Thanks for informing us Jan.
Photo of Torben Keller

Torben Keller

  • 80 Points 75 badge 2x thumb
Is there any chance that this feature will also come to G1 devices (EXOS 16.x)?