4.2 What Neo Can Help You Do

Neo can perform a number tasks , and as a relatively new tool, it is constantly having more functionality added. The core functionality is currently:

• Determining on which switch port a host resides

• Translating an IP address to a hardware address

• Obtaining traffic statistics

• Obtaining board or port information

• Disabling or enabling a port

• Obtaining general device information

• Obtaining information about device power and environmental conditions

Locating Hosts and the Forwarding Table

One of the benefits of network switches over repeaters is that switches send traffic destined for a particular host only to the port on which that host resides. A repeater, in contrast, sends all traffic to every port (see Figure 4.1). The switch must therefore know which host is on which port so that it can direct traffic appropriately. The switch figures this out using a process known as station learning . The idea is for the switch to build a forwarding table that maps each host to a port on the switch and to do so without any operator intervention. This allows a host to be plugged into a switch with no need to change the switch configuration manually.

The process of learning which host is on which port begins with an empty forwarding table. In this state, the switch acts just like a repeater: Because it doesn't know which port traffic should be sent to, it sends the traffic to every port. Eventually, a host on the switch is expected to send some data of its own, either spontaneously or in response to data sent to it. When this happens, the switch notes the hardware address of the sending host and the port the traffic came from. This information is then stored in the forwarding table, and the switch now knows to send traffic destined for that address to that port. In this way, the source address of traffic is used to determine where traffic destined for that address should be sent in the future.

The switch makes information in the forwarding table available via SNMP as described in Chapter 2. Neo allows an operator to query this information easily. You can find the port on which a particular hardware address is located:

 neo: locate 00:03:BA:09:1F:36 @switch13.example.com   Found on 6@switch13.example.com 

or ask the switch for all hardware addresses present on a particular port:

 neo: port search 2/5@switch2.example.com   00:04:76:CB:B1:CD   00:05:02:4B:C6:50   00:06:5B:1D:68:43   00:06:5B:1D:68:46   00:50:8B:AD:FE:8E   00:E0:63:2B:D7:C4   00:E0:63:2B:D7:DC 

Neo syntax also allows many different devices to be searched in a single query in case the operator does not know on which switch a host will be:

 neo: locate 00:03:BA:09:1F:36 @k:northannex   Found on 6@switch13.example.com 

Translating an IP Address to a Hardware Address

Neo can use the SNMP ipNetToMediaTable to ask a device for the hardware address associated with a particular IP address:

 neo: arpfind host.example.com router.example.com   10.5.0.1 says 10.5.1.2 is 00:03:BA:09:1F:36 

This is particularly useful when you need to locate a host and have only its IP address or host name . You can use Neo first to ask the nearest router for a host's hardware address and then use that hardware address in a locate command.

Obtaining Traffic Statistics

It's often very helpful when you are debugging network problems to be able to view the amount of traffic being sent to or from particular ports. Neo is capable of presenting this data:

 neo: stats switch.example.com   Probing devices ...   Getting first set of stats...   Getting second set of stats...   Port statistics:   p  type  u  lnk adm ap kbs ikbs okbs pps ipps opps ierps oerps   --------------------------------------------------------------    1 100TX    100  On     20   0   20   26   0   26     0    0    2 100T     100  On     19   0   19   26   0   26     0    0    3 100TX     10  On     20   0   20   27   0   27     0    0    4 100TX      -  On      0   0    0    0   0    0     0    0    5 100TX      -  On      0   0    0    0   0    0     0    0    6 100TX    100  On    455  42  413  157  51  106     0    0    7 100TX     10  On     19   0   19   26   0   26     0    0    8 100TX    100  On     19   0   19   26   0   26     0    0    9 100TX    100  On     19   0   19   26   0   26     0    0   10 100TX      -  On      0   0    0    0   0    0     0    0   11 100TX    100  On     19   0   19   26   0   26     0    0   12 100TX    100  On     19   0   19   27   0   27     0    0   13 100?X *  100  On    382 368   14   84  71   13     0    0   14 100?X *    -  On      0   0    0    0   0    0     0    0   15 loop      10  On     59  28   31   80  40   40     0    0 

Disabling or Enabling a Port

When a host or a network segment is causing an operational problem, the only solution may be to disable that part of the network in order to keep everything else up and running. Neo has commands for turning a port on or off:

 neo: port disable 22@switch.example.com   22@switch.example.com disabled   neo: port enable 22@switch.example.com   22@switch.example.com enabled 

Power, Environmental, and General Device Information

Finally, Neo can ask devices about the status of power, environmental conditions, and other information. On any device, Neo can print the system name, the address of the administrative contact, and other information from the SNMP system group . On devices that support it, Neo can print the temperature of the device or the status of the power supplies . On a managed UPS, Neo can retrieve detailed information about the battery lifetime and the operational status of the device.

Other Functionality

Aside from these core functions, Neo has support for a few additional features such as accessing information from printers, performing domain name server (DNS) lookups, and executing shell commands.