terminology issues - learning SNMP

[chronodekar]

I've enabled SNMP on a router (Linksys RV042) and have it running on 2 other routers as well (WRT54GL running DD-WRT). The manager I'm using is LoriotPro (free edition).

For the RV042, there are physically 5 'ports' (holes we can connect ethernet cables into) but from LoriotPro, I'm only seeing 3 of them.

For my DD-WRT routers, apart from the wifi link, there are 5 'ports' on the back of them as well, but LoriotPro reports back 7 'ports'. And some of them are called 'VLAN' or 'loopback'.

I read somewhere online that SNMP won't report back the physical ports (or holes) but only the 'network interfaces' present. So, perhaps that's what I'm seeing. Still, I'm confused. Isn't there a one-to-one correlation between an interface and the physical port?

Can someone please help me understand this mixup (interface vs port) ? Or at least direct me to where I can learn more? I'm totally stumped here. 🙁

-chronodekar

 

[Nuwave]

A physical port is considered an interface.

an interface can be a virtual entitity like a Loopback interface or a vlan interface or an IP interface. It can aslo be an ethernet interface.

small SOHO Switchs with snmp will report it's ethernet interfaces as something like eth0, eth1, eth2, eth3 etc. Those are your physical ports.

 

[chronodekar]

A physical port is considered an interface.

an interface can be a virtual entitity like a Loopback interface or a vlan interface or an IP interface. It can aslo be an ethernet interface.

small SOHO Switchs with snmp will report it's ethernet interfaces as something like eth0, eth1, eth2, eth3 etc. Those are your physical ports.

Thank you for your reply.

Ok, I think I'm getting the part about what an interface is. i.e. it can either refer to the physical Ethernet interface or a virtual interface like 'loopback' or 'VLAN'.

But, what I don't get is why my WRT54GL is reporting back a single 'eth0' for it's wired connections (there are 4 LAN + 1 WAN ports on it's back) and 'eth1' for it's wireless connections.

Perhaps, because all the 4 LAN ports are on the same subnet, the switch is bundling them as a single interface? Does that make sense?

Slowly getting a better idea,
chronodekar

 

[chronodekar]

I've done some more investigation/study into this and well, could someone please confirm if I've got my facts right below?

An "interface" refers to a connection into a sub-network and is uniquely identified by a MAC ID. In the case of a router having 4 physical ports, it is usually seen that these 4 ports are connected to the "LAN" network and that to anyone connecting to any of the 4 ports will see the same MAC ID on the other end. To visualize it,

+---------------------------------------------------------------+
| Device: router    MAC: AA:AA:AA:AA:AA:AA     IP:192.168.1.1   |
|                                                               |
|    Port-1        Port-2        Port-3        Port-4           | 
|     |^|           |^|           |^|           |^|             |
+----------------------------------|-------------|--------------+
                                   |             |
                                   |             |          +-------------------------+
                                   |             +----------= Device: PC-B            |
                                   |                        | MAC: BB:BB:BB:BB:BB:BB  |
                                   |                        | IP: 192.168.1.10        |
                                   |                        +-------------------------+
                                   |
                                   |
                                   |                        +------------------------+
                                   +------------------------= Device: PC-C           |
                                                            | MAC: CC:CC:CC:CC:CC:CC |
                                                            | IP: 192.168.1.20       |
                                                            +------------------------+

In the above, consider Port-1 and Port-2 as empty (nothing is connected there). For the router it has a single "LAN" interface and this interface is shared by the 4 ports. 2 systems are connected to Port-3 and Port-4 respectively. Both PC-B and PC-C will see the router as having the same IP and MAC ID (indicated in figure).

What I need to confirm is, if we have an SNMP agent running on the switch, will it be able to distinguish between the 4 ports? I'm guessing NO. Thinking along the same lines, suppose PC-B (acting as an SNMP manager) asks the router the status of its 'lone' interface, it should reply that it's active. i.e. using SNMPv2 (or standard MIB-II) there is no way for the agent to respond back the status of the individual ports.

Using SNMP is it possible for the router to respond back to a manager the status of the individual ports? i.e. to tell PC-B that Port-1 & Port-2 are empty but Port-3 & Port-4 are occupied?


I'm sorry if these questions seem noob-ish, but the book I have with me doesn't really explain this issue in a way that I understand. Also, the above theory is my "best-fit" explanation to my router's behavior (a Linksys WRT54GL running DD-WRT).

-chronodekar

 

[drebo]

What I need to confirm is, if we have an SNMP agent running on the switch, will it be able to distinguish between the 4 ports?

That depends entirely on the router. If the router is able to distinguish between the four ports, then the answer will be yes. By "distinguish between", I mean that the router is capable of assigning different roles to the different ports (VLAN, trunking, DMZ, etc).

In the case of DD-WRT, it's entirely probable, though I don't know too much about the internals of DD-WRT. In the case of a standard SOHO router, the answer is "probably not" because those four ports are bridged together into one logical interface, and it's that logical interface that you can monitor.

But, again, it fully depends on the router. On a Cisco router, if you have ports as part of an Etherchannel or bridge group, you can monitor both the logical Po/BVI interface AND the individual member interfaces.