NeDi 1.0.w

(C) 2001 - 2006 Remo Rickli (http://nedi.sourceforge.net)

Introduction

NeDi is a lightweight network management suite based on a scheduled discovery, an SQL backend and a web-based user interface. It can discover a mixed corporate network dynamically and manage stock, used devices, configurations (IOS, CatOS, Cisco1900 and limited support for HP Procurve and Ironware), monitoring and network clients. As it gets more and more sophisticated, I recommend using HTTPS only and limiting the range of IP addresses allowed to access NeDi.

Quick Install for Ubuntu Linux

On an Ubuntu system, run contrib/install.sh (thanks Tristan).

Even Quicker Install

Download NeDio4, the OpenBSD4 based NeDi appliance image (out soon)...

Manual Install & Configuration

  1. Required software (may work with older versions, but this is what I use now):
     - Perl 5.8.8 (modules: Net::SNMP, Net::Telnet::Cisco, Algorithm::Diff, DBD::mysql and Net::SSH::Perl, if you need ssh)
     - PHP 5.1.4 (modules: SNMP, MYSQL, GD for the webinterface)
     - Optional support for resolving arp (if you don't have a router to retrieve the arp cache) requires arpwatch
     - Optional rrd support to graph interface traffic requires rrdtool

  2. Extract the NeDi archive (e.g. to /var/nedi). Move the files in html to your webserver's document root (e.g. /var/www/htdocs). If your path is not /var/nedi you'll need to edit html/inc/drawrrd.php and set the absolute path for $rrdpath. If rrdtool is not found, specify path as well.

  3. Edit nedi.conf to fit your needs (Please use the new one as copying your existing config may lead to errors, if you're not careful). Make sure you use tabs to separate key/values! If you get 'Dude, where is nedi.conf?' link it to /etc.

  4. Cd to /var/nedi (or whatever you chose) and type ./nedi.pl -i to initialize the backend. If you're upgrading from an older version, I recommend dumping users and monitoring before that:

    mysqldump nedi monitoring user -u nedi -p > nedi-mon-usr.sql

    and putting them back in after recreating the database:

    cat nedi-mon-usr.sql |mysql -u nedi -p nedi

    You want to check which of your devices are supported? ./nedi.pl -y will give the answers...

  5. Scan a few devices first:

    a] Just type "./nedi.pl" to discover your default gateway and see what happens...
    b] Add a few devices to the seedlist and do the same...

    Check the results and make sure you don't get any weird errors. Use -v for verbose output or -d to get some debug info.

    More words on .def files: Since 1.0.u the devices can be defined with definition files residing in the sysobj directory. Do a ./nedi.pl -cd (basic CDP with debugging enabled). NeDi shows the sysobjID of a device and if a .def file for that OID exists, it can determine the device type (and other information you specify in that particular file).

    192.168.1.31   Twhga102  1.3.6.1.4.1.9.1.278=Cat3548    0/0/1   m68     70/147
    
    I assume you see where this is going. If you get something like this:
    
    192.168.38.5   PotlaU03  1.3.6.1.4.1.800.3.1.1.3=other InIl  a1 o0  m59  2/252
    

    You'll need to create a new definition file, with the appropriate OIDs and specs for that device. Click on the OID in Devices-List and work with the new Defgen tool. You'll find additional definitions in the contrib directory as well. Email your new definitions to remo.rickli(AT)psi.ch, if you want them to be included, but first make sure they're as accurate as possible!

  6. If all went well, try to discover your entire network. Use -c for a proper CDP based run. Add -o, if you dare to find non-Cisco devices (you may want to adjust ouidev in nedi.conf). Your input could look like "./nedi.pl -cod"

    Note how long it took. Then think about how often you want to scan your entire network (consider enough slack to avoid overlaps). We have about 260 devices connecting 5000 nodes, which takes about 20 minutes to discover. We run it every hour now. Therefore our rrdstep is 3600 and the cronjob looks like this:

    1 0 * * *    /var/nedi/nedi.pl -cob > /tmp/nedi-backup.lastrun
    1 1-23 * * * /var/nedi/nedi.pl -co >  /tmp/nedi.lastrun
    

    This will scan the network 1 minute past every hour and back up configurations each night at 1 minute past midnight. Unless you have a very big network (e.g. > 300 devices) this should be fine. Smaller networks can be scanned more often. Parallelizing would greatly improve this, but NeDi is a quiet tool for now...

  7. Log in to the web front end with user admin, password admin.
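
An added example (not part of NeDi or its documentation) for the cron setup in step 6: a wrapper that skips a run while the previous one is still alive, so runs cannot overlap even when a discovery takes longer than planned, and that keeps the run output in a private directory instead of /tmp. It also lists the sysobjIDs from step 5 that came back as "other". RUNDIR, the wrapper path and the function names are assumptions.

```shell
#!/bin/sh
# Added example, not part of NeDi. RUNDIR and both function names are assumptions.
RUNDIR="${RUNDIR:-/var/nedi/run}"   # assumed directory owned by the cron user
LOCK="$RUNDIR/lock"

# run_locked LOGNAME CMD [ARGS...]
# Run CMD with its output in $RUNDIR/LOGNAME unless an earlier run is still alive.
run_locked() {
    log="$RUNDIR/$1"; shift
    umask 077                              # lock and log readable by the owner only
    mkdir -p "$RUNDIR" || return 1
    if ! mkdir "$LOCK" 2>/dev/null; then   # mkdir is atomic: only one run wins
        pid=$(cat "$LOCK/pid" 2>/dev/null || true)
        # No pid written yet, or the process is alive: the lock is held.
        if [ -z "$pid" ] || kill -0 "$pid" 2>/dev/null; then
            echo "previous discovery still running, skipping" >&2
            return 75                      # EX_TEMPFAIL
        fi
        # The owner died without cleaning up (kill, reboot): take the lock over.
        rm -rf "$LOCK"; mkdir "$LOCK" || return 75
    fi
    echo $$ > "$LOCK/pid"
    rc=0; "$@" > "$log" 2>&1 || rc=$?
    rm -rf "$LOCK"
    return "$rc"
}

# undefined_devices LOGFILE
# Print "count sysobjID" for every device reported as "=other", i.e. without
# a .def file. Assumes the per-device line layout shown in step 5.
undefined_devices() {
    awk '$1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ && $3 ~ /^[0-9.]+=other$/ {
             sub(/=other$/, "", $3); n[$3]++
         }
         END { for (oid in n) print n[oid], oid }' "$1" | sort -k2
}

# Crontab entries using the wrapper (saved as /var/nedi/nedi-cron.sh, an assumed
# name, with a final line of:  run_locked "$@"):
#   1 0 * * *    /var/nedi/nedi-cron.sh nedi-backup.lastrun /var/nedi/nedi.pl -cob
#   1 1-23 * * * /var/nedi/nedi-cron.sh nedi.lastrun /var/nedi/nedi.pl -co
```

A skipped slot returns exit status 75, so cron mail or monitoring can tell "still running" apart from a failed discovery.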

Some FAQs

  1. Where's nedimap.php? This PHP script is generated on the fly. If you don't see it after using the map feature, check the file permissions on NeDi's log directory (under html).

  2. I get errors retrieving the ports on Cat3500XL or Cat29x0 using IOS Version 12.0(5), what's wrong? There seems to be a bug with the bridge mib in this version. Try upgrading the IOS.

  3. How about uniqueness of MAC addresses and vlans? Due to the fact that NeDi now supports different vendors, it's quite impossible to assign vlans to MAC addresses and vtp domains to vlans. Therefore MAC addresses are always unique and Vlans won't be bound to VTP domains.

  4. My PHP doesn't generate images or is not capable of doing SNMP queries? Make sure you have GD and Net-SNMP installed. PHP should then be compiled with:

    ./configure --with-gd --with-snmp --with-mysql --with-apxs2 --prefix=/usr --with-zlib
    make
    make install

  5. I don't see interface in octets on Cat2950 running 12.1(6)EA2a with snmp v2c, what's wrong? It seems the switch doesn't like perl Net::SNMP. Upgrade the switch...

  6. I get the name instead of the serial# on an AP1200 running IOS, surely this is a NeDi bug? No, not exactly. Did you enter the name on the snmp settings page? Try deleting it from there and see what happens...

  7. I get a white screen after logging in, why? Install MYSQL and Session for PHP.

Credits

+ JScookmenu is used for the menu.
+ Most icons are adopted from the crystal icons: http://www.everaldo.com/crystal.html.
+ User smilies are created by DAZ.