The Moose and Squirrel Files

September 21, 2008

Re-Imaging Computers in 802.1x Networks – Part 3

Filed under: Code, Network — networknerd @ 10:53 am

Finding the Bridgeport number
Some MIBs, such as the BRIDGE-MIB, have a separate instance for each VLAN configured on the switch. MAC addresses in the forwarding table are examined using community string indexing to reference the instance maintained for each VLAN. The community string is formatted as read_community@vlan_number.
Armed with a list of VLANs and the MAC address of the computer, the bridgeport number can now be found. Each pair of hexadecimal digits in the MAC address is converted to decimal and appended to the dot1dTpFdbPort OID. An SNMP get operation is performed using this OID for each VLAN in the list until an instance of the OID is found, or the list of VLANs is exhausted. The bridgeport number and the VLAN configured for the port are returned when an instance of this OID is found.

For example, a computer whose MAC address is 00-40-CA-69-34-EE has a corresponding OID of dot1dTpFdbPort.0.64.202.105.52.238 (.1.3.6.1.2.1.17.4.3.1.2.0.64.202.105.52.238).

G:\usr\bin>snmpget.exe -OnqU -v 2c -c public@1 192.168.36.11 .1.3.6.1.2.1.17.4.3.1.2.0.64.202.105.52.238
.1.3.6.1.2.1.17.4.3.1.2.0.64.202.105.52.238 No Such Instance currently exists at this OID
G:\usr\bin>snmpget.exe -OnqU -v 2c -c public@100 192.168.36.11 .1.3.6.1.2.1.17.4.3.1.2.0.64.202.105.52.238
.1.3.6.1.2.1.17.4.3.1.2.0.64.202.105.52.238 108

The MAC address was learnt on bridgeport 108, which is configured in VLAN 100. The bridgeport is easily extracted from the output using a regular expression, as shown in the getBridgePort() function in listing 1.

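'getBridgePort() calls SNMPGETCMD. The options are those used in the example
'above; the path is assumed to match SNMPSETCMD.
const SNMPGETCMD = "f:\usr\bin\snmpget.exe -OnqU -v 2c -c "
const SNMPSETCMD = "f:\usr\bin\snmpset.exe -v 2c -c "
const SNMPREADV = " public@" 'need community name and vlan for some info
const DOT1DTPFDBPORT = " .1.3.6.1.2.1.17.4.3.1.2"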

'************************************************************************
'FUNCTION:                                                              *
' getBridgePort(strAgent, intVlan, strmac)                              *
'                                                                       *
'Purpose:                                                               *
' examine the switch forwarding tables for the specified mac            *
' address in the specified vlan                                         *
'                                                                       *
'Inputs:                                                                *
' strAgent: management IP address of the switch                         *
' intVlan : the vlan specific instance of the forwarding table          *
' strmac : Mac address string in the format 0040CA6934EE                *
'                                                                       *
'Returns:                                                               *
' String containing the bridgeport if found or an empty string          *
'                                                                       *
'Calls:                                                                 *
' SNMPGETCMD - constant defining the path to an external                *
' program and options used to perform an snmp get                       *
'                                                                       *
'Comments:                                                              *
' Uses community string indexing to reference the per vlan mib          *
' instance.                                                             *
' Reference cisco Document ID: 44800                                    *
' "Using SNMP to Find a Port Number from a MAC Address on a             *
' Catalyst Switch" viewed at                                            *
' http://www.cisco.com/en/US/tech/tk648/tk362/                          *
' technologies_tech_note09186a00801c9199.shtml                          *
' on 16/11/2006                                                         *
'************************************************************************
function getBridgePort(strAgent, intVlan, strmac)
dim WshShell, oExec
dim re 'as regexp
dim matches
dim match
dim tempstr, stroutput
Set WshShell = CreateObject("WScript.Shell")
Set oExec = WshShell.Exec(SNMPGETCMD & SNMPREADV & intVlan & " " & _
strAgent & " " & DOT1DTPFDBPORT & mac2oid(strmac))
Do while Not oExec.StdOut.AtEndOfStream
  stroutput = oExec.StdOut.readall
Loop
Do While oExec.Status <> 1
  WScript.Sleep 100
Loop
set re = new regexp
re.global = True
re.multiline = True
'output lines from SNMPCMD should look like
' ".1.3.6.1.2.1.17.4.3.1.2.0.64.202.105.52.238 108"
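'Pattern to capture the snmpget output. The dots in the OID are escaped so
'that each one matches a literal "." rather than any character.
re.pattern = "^" & Replace(trim(DOT1DTPFDBPORT) & mac2oid(strmac), ".", "\.") & "\s+(\d+)$"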
tempstr = ""
set matches = re.execute(stroutput)
for each match in matches
  tempstr = match.submatches(0)
next
getBridgePort = tempstr
end function

'************************************************************************
'FUNCTION:                                                              *
' mac2OID(strmac)                                                       *
'Purpose:                                                               *
' Convert mac address string to a decimal string for snmp queries.      *
'                                                                       *
'Inputs:                                                                *
' strmac: Mac address string in the format 0040CA6934EE                 *
'                                                                       *
'Returns:                                                               *
' snmp OID string of the form .0.64.202.105.52.238 or an empty          *
' string ("") if an error occurred.                                     *
'                                                                       *
'Calls:                                                                 *
' Hex2Dec                                                               *
'                                                                       *
'Comments:                                                              *
' No error checking is performed on the input character set.            *
' The input string is validated by length only.                         *
'************************************************************************
function mac2OID(strmac)
dim intOctet
dim arrOctet
dim strOID
strOID = ""
if len(strmac) = 12 then
  for intOctet = 1 to 11 step 2
    strOID = strOID & "." & Hex2Dec(mid(strmac,intOctet,2))
  next
end if
mac2OID = strOID
end function

'************************************************************************
'FUNCTION:                                                              *
' Hex2Dec(strHex)                                                       *
'Purpose:                                                               *
' Convert a string representation of a hexadecimal number to a          *
' decimal string.                                                       *
'                                                                       *
'Inputs:                                                                *
' strHex: string containing hexadecimal characters [0-9a-fA-F]          *
'                                                                       *
'Returns:                                                               *
' string containing the input converted to decimal characters[0-9]      *
'                                                                       *
'Calls:                                                                 *
' Nothing                                                               *
'                                                                       *
'Comments:                                                              *
' No error checking is performed on the input.                          *
' Beware of overflow in CInt function. Consider modifying to Clng       *
' before using in other code.                                           *
'************************************************************************
Function Hex2Dec(strHex)
Hex2Dec = "" & CInt("&H" & strHex)
End Function
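
The per-VLAN search described above, with the MAC address and switch address validated before they reach the snmpget command line. This is an added example in Python, not part of the original listing; the function names, the `snmpget` executable name on the PATH and the sample output are assumptions made for illustration.

```python
import ipaddress
import re
import subprocess

DOT1D_TP_FDB_PORT = ".1.3.6.1.2.1.17.4.3.1.2"  # dot1dTpFdbPort, as in the post
MAC_RE = re.compile(r"(?:[0-9A-Fa-f]{2}[-:]?){5}[0-9A-Fa-f]{2}")

def mac_to_oid(mac):
    """Build the dot1dTpFdbPort instance OID; reject anything that is not a MAC."""
    if not MAC_RE.fullmatch(mac):
        raise ValueError("not a MAC address: %r" % mac)
    digits = re.sub("[-:]", "", mac)
    return DOT1D_TP_FDB_PORT + "".join(
        ".%d" % int(digits[i:i + 2], 16) for i in range(0, 12, 2))

def parse_port(output, oid):
    """Return the bridge port from `snmpget -OnqU` output, or None if absent."""
    m = re.search(r"^%s[ \t]+(\d+)\s*$" % re.escape(oid), output, re.MULTILINE)
    return int(m.group(1)) if m else None

def run_snmpget(agent, community, oid):
    """Call snmpget with an argument list, so no shell parses the values."""
    argv = ["snmpget", "-OnqU", "-v", "2c", "-c", community, agent, oid]
    return subprocess.run(argv, capture_output=True, text=True).stdout

def find_bridge_port(agent, vlans, mac, community="public", query=run_snmpget):
    """Try each VLAN's BRIDGE-MIB instance; return (bridgeport, vlan) or None."""
    ipaddress.ip_address(agent)   # ValueError unless agent is a literal IP
    oid = mac_to_oid(mac)         # validated before it reaches a command line
    for vlan in vlans:
        out = query(agent, "%s@%d" % (community, int(vlan)), oid)
        port = parse_port(out, oid)
        if port is not None:
            return port, int(vlan)
    return None

# Constructed sample output, modelled on the two snmpget calls shown in the post.
SAMPLE = {
    "public@1": DOT1D_TP_FDB_PORT + ".0.64.202.105.52.238 "
                "No Such Instance currently exists at this OID\n",
    "public@100": DOT1D_TP_FDB_PORT + ".0.64.202.105.52.238 108\r\n",
}

def demo():
    fake = lambda agent, community, oid: SAMPLE[community]
    return find_bridge_port("192.168.36.11", [1, 100], "00-40-CA-69-34-EE",
                            query=fake)

if __name__ == "__main__":
    print(demo())
```

Unlike mac2OID(), which checks length only, mac_to_oid() rejects any input that is not twelve hexadecimal digits with optional "-" or ":" separators.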