You are on page 1of 109

GestiIPIPAM

v3.2

IPaddressmanagementsoftware

Documentation
v0.3

www.gestioip.net

GestiIPCopyrightMarcUebel2015

DocumentationGestiIPIPAMv3.2

TableofContents
1Introduction......................................................................................................................................6
2Use....................................................................................................................................................7
2.1Access.......................................................................................................................................7
2.2Shownetworks..........................................................................................................................7
2.2.1Rootnetworks...................................................................................................................8
2.3Showhosts..............................................................................................................................10
2.3.1Hostlistview..................................................................................................................10
2.3.2Hostoverview.................................................................................................................11
2.3.3Hoststatusview..............................................................................................................12
2.3.4Hostcheck.......................................................................................................................12
2.4Searchfunctions......................................................................................................................14
2.4.1Quicksearch....................................................................................................................14
2.4.2Advancednetworksearch...............................................................................................15
2.4.3Advancedhostsearch......................................................................................................15
2.5History....................................................................................................................................16
2.6Audit.......................................................................................................................................16
3Administration................................................................................................................................19
3.1Administrationofhostentries/IPaddresses............................................................................19
3.1.1Insertoredithostentries.................................................................................................19
3.1.2Deletehostentries...........................................................................................................20
3.1.3Hostmassupdate............................................................................................................21
3.1.3.1Editmultiplehostentries.........................................................................................21
3.1.3.2Deletemultiplehostentries.....................................................................................22
3.2Networkadministration..........................................................................................................23
3.2.1Newaddnetworksmanually........................................................................................23
3.2.1.1Createonenetwork..................................................................................................23
3.2.1.2Createmultiplenetworkswithsamebitmasks........................................................24
3.2.1.3Createmultiplenetworkswithdifferentbitmasks..................................................24
3.2.2Change/deletenetworks..................................................................................................25
3.2.2.1Edit..........................................................................................................................26
3.2.2.2Reservedranges.......................................................................................................27
3.2.2.3ManualupdateagainstDNS....................................................................................28
3.2.2.3.1GenericrDNSentries.......................................................................................29
3.2.2.4ManualhostupdateviaSNMP................................................................................31
3.2.2.5Split.........................................................................................................................31
3.2.2.6Clear........................................................................................................................33
3.2.2.7Delete.......................................................................................................................33
3.2.2.8Networkmassupdate..............................................................................................33
3.2.2.8.1Editmultiplenetworkentries..........................................................................34
3.2.2.8.2Clearmultiplenetworks...................................................................................34
3.2.2.8.3Deletemultiplenetworkentries.......................................................................35
3.2.3Joinnetworks..................................................................................................................35
3.2.4Showfreeranges.............................................................................................................36
2

DocumentationGestiIPIPAMv3.2

3.2.5Subnetcalculator.............................................................................................................36
3.3VLANs....................................................................................................................................37
3.3.1show,edit,delete.............................................................................................................37
3.3.2New.................................................................................................................................38
3.3.3Unify...............................................................................................................................38
3.3.4VLANprovider...............................................................................................................39
3.3.4.1ShowVLANprovider.............................................................................................39
3.3.4.2NewVLANprovider...............................................................................................40
3.3.5ImportVLANsviaSNMP..............................................................................................40
3.4Autonomoussystemmanagement..........................................................................................41
3.4.1show,edit,delete.............................................................................................................41
3.4.2new..................................................................................................................................42
3.4.3showASclients...............................................................................................................42
3.4.4newASclient..................................................................................................................42
3.5Linemanagement....................................................................................................................42
3.5.1show,edit,delete.............................................................................................................42
3.5.2new..................................................................................................................................43
3.5.3showlineprovider...........................................................................................................44
3.5.4newlineprovider............................................................................................................44
3.6ManageGestiIP(globalconfigurationparameters)..............................................................44
3.6.1Clientindependentconfigurationparameters.................................................................44
3.6.2Clientspecificconfigurationparameters........................................................................45
3.6.2.1SmallestimportableBM..........................................................................................45
3.6.2.2Pingtimeout............................................................................................................46
3.6.2.3DNSserver..............................................................................................................46
3.6.2.4Manualupdate.........................................................................................................47
3.6.2.5ExtendedsupportforOCSInventoryNG...............................................................48
3.6.3Manageauditdb..............................................................................................................49
3.6.4Resetdatabase.................................................................................................................50
3.7Clients.....................................................................................................................................50
3.7.1Manageclients................................................................................................................51
3.7.1.1Addclients...............................................................................................................51
3.7.1.2Editclients...............................................................................................................51
3.7.1.3Deleteclients...........................................................................................................52
3.8Sitesandcategories.................................................................................................................53
3.8.1Sites.................................................................................................................................53
3.8.2Networkcategories.........................................................................................................53
3.8.3Hostcategories................................................................................................................53
3.9Customcolumns.....................................................................................................................54
3.9.1Predefinedcustomhostcolumns.....................................................................................55
3.9.2Predefinedcustomnetworkcolumns..............................................................................57
3.9.3Addcolumns...................................................................................................................57
3.9.4Deletecolumns................................................................................................................57
4Statistics.....................................................................................................................................59
3

DocumentationGestiIPIPAMv3.2

4.1Generaloverview....................................................................................................................59
4.2Network/rangeoccupation......................................................................................................59
4.3Miscellaneous.........................................................................................................................60
5Databaseinitialization....................................................................................................................61
5.1Discovery................................................................................................................................61
5.2ImportnetworksviaSNMP....................................................................................................65
5.2.1ManualimportviaSNMP...............................................................................................65
5.2.2ScriptbasednetworkimportviaSNMP.........................................................................66
5.3Importfromspreadsheet.........................................................................................................67
5.3.1Importnetworksfromspreadsheets................................................................................67
5.3.2Importhostsfromspreadsheet........................................................................................69
5.3.3ImportVLANsfromspreadsheet....................................................................................71
6Accesscontrol................................................................................................................................72
6.1Authentication.........................................................................................................................72
6.1.1Defaultauthentication.....................................................................................................72
6.1.1.1Createnewaccounts................................................................................................72
6.1.1.2Changeuserspassword...........................................................................................73
6.1.1.3Deleteaccounts........................................................................................................73
6.2Authorization..........................................................................................................................74
6.2.1Activation........................................................................................................................74
6.2.2Users................................................................................................................................75
6.2.2.1CreateUsers............................................................................................................75
6.2.2.2EditUsers................................................................................................................76
6.2.2.3DeleteUsers............................................................................................................76
6.2.3UserGroups....................................................................................................................76
6.2.3.1Permissions..............................................................................................................77
6.2.3.2CreateUserGroups.................................................................................................79
6.2.3.3EditUserGroups.....................................................................................................79
6.2.3.4DeleteUserGroups.................................................................................................79
6.2.4UsergipoperofGestiIPversions<3.2......................................................................80
7Advancedfunctions........................................................................................................................81
7.1Updatecheck...........................................................................................................................81
7.2Databaseconfiguration(ip_config)........................................................................................82
7.3Exportnetworks,VLANsorhoststoCSV.............................................................................82
7.4Addanewlanguage................................................................................................................84
8IPv6Addressplan...........................................................................................................................85
8.1Directtranslation.....................................................................................................................85
8.1.1Createtheaddressplan...................................................................................................86
8.2HierarchicalIPv6addressplanbasedonsitesandcategories................................................87
8.2.1Createtheaddressplan...................................................................................................88
9Automaticupdate............................................................................................................................93
9.1Scriptdirectorystructure........................................................................................................94
9.2Commandlineoptions............................................................................................................95
4

DocumentationGestiIPIPAMv3.2

9.3Configuration..........................................................................................................................96
9.4Automaticexecutionwithcron...............................................................................................99
9.5RequiredPerlModules.........................................................................................................100
9.5.1ManualinstallationofmissingPerlmodules................................................................101
9.5.1.1SNMP::InfoandNetdiscoMIBs...........................................................................102
10Generalinformation....................................................................................................................103
10.1Backup................................................................................................................................103
10.2Firewallrules......................................................................................................................103
10.3JavaScript............................................................................................................................104
10.4Cookies...............................................................................................................................104
11Troubleshooting..........................................................................................................................104
11.1SNMP..................................................................................................................................104
11.1.1GeneralSNMPproblems............................................................................................104
11.1.2ProblemswithVLANdiscovery.................................................................................106
11.1.3Problemswithnetworkdiscovery...............................................................................106
11.2Database..............................................................................................................................107
11.3UnistallingGestiIP............................................................................................................107
12Licence.......................................................................................................................................108
AppendixA......................................................................................................................................109

DocumentationGestiIPIPAMv3.2

1Introduction
GestiIPisanautomated,webbasedIPaddressmanagement(IPAM)software.ItsupportsIPv4as
wellasIPv6.Thesoftwareisdesignedtocollectinformationinanautomatedway,makingits
maintenancecostlow.Itofferswebformstoimportnetworksfromspreadsheetsorfromtherouting
tablesofSNMPenableddevicesandwebbasedsynchronizationofthenetworksagainsttheDNS.
ItalsoallowsforcronscheduledautomaticupdateofthehostentriesviaSNMP,againsttheDNS
oranOCSInventoryNGthatensuresthatGestiIP'sdatabaseisalwaysuptodate(see9).
Over90%oftheworkwithanIPAMsystemaccountsforaccesstoinformation.GestiIPis
optimizedinordertofindeasilyandfastthedesiredinformationbyfeaturingeffectivesearch
functionswhichareaccessiblefromeverypage,allowingtheuseofInternetSearchEngine
equivalentexpressions(see2.4).
Sincethesystemdisposesaboutcustomizablecolumns,GestioIP'snetworkandhostlistviewscan
beadaptedtomeetthespecificneedsforeveryorganization(see3.9).
However,italsodependsonusers.Userscanintroducetheinformationinuser'sfieldof
responsibilitywhichseemsrelevantforthisuserorfortheircolleagues:Thewindowsadmincan
pute.g.commentslikePDCdomainXYZ,BDC...ThedatabaseadmincanintroducetheSIDs...
andthenetworkadmincanaddacommentlike"TFTP"ormarktheadministrativeinterfacesofthe
firewallsandrouters.Ifthisisdone,GestiIPcanbemorethananoverviewofcurrentnetworks
andIPaddresses.Itisaknowledgebaseforthesmallthingsadminmustremembereveryday.

DocumentationGestiIPIPAMv3.2

2Use
2.1Access
OpenthefollowingURLtoaccessGestiIP:
http://servername/gestioip
Replace"servername"withtheDNSnameortheIPaddressofthewebserver.
rwdefaultuser:gipadmin
rodefaultuser:gipoper
Usethepasswordswhichyouintroducedduringtheinstallation(usingcommandhtpasswd).

2.2Shownetworks
GestiIP'sfrontpagegivesanoverviewofallnetworks.

Fig.1:FrontPage(networklistview)

Clickoverthecorrespondingnetworktolistallofit'sIPaddressesoraccessdirectlyto
historyofthisnetwork
7

DocumentationGestiIPIPAMv3.2

generalinformationaboutthisnetwork(%usageandsubnetcalculatorlikeinformation)
hostoverviewofthisnetwork

Hoveroverthebitmask(BM)ofthenetworkstodisplaythenetmaskandthemaximalnumberof
hosts.

Fig.2:DetailsshownbyhoveringoveraBMentry

WiththefilterIPversionyoucanchooseifIPv4orIPv6networksshouldbedisplayed
Note
GestiIPdefaultmodeisIPv4only.ToenableIPv6supportgotomanage>GestiIP,set
parameterIPv4onlymodetonoandclicksave.
Withthefilters"site"and"category"youcanlistnetworksbysiteand/orbycategory.Youcanfor
instancelistallnetworksfromsiteX,allnetworksoftheproductionenvironmentorallnetworks
fromsiteXwhichareintheproductionenvironment.
Withthefiltershowsupernetsandshowendnetsyoucandeterminewhichtypeofnetworks
shouldbeshown()
Note
Usenetworkquicksearchtolocateindividualnetworks.Searche.g.for150tofindnetwork
192.168.150.0.Orusenetworkquicksearchortodisplaynetworkranges.Searche.g.for
192.168todisplayallnetworkswhichIPinclude192.168(see2.4).

2.2.1Rootnetworks
GestiIPsupportstotypesofnetworks.Rootnetworkswhichcancontainothernetworksbutno
hostentriesandendnetworkswhichcontainthehostentries.
8

DocumentationGestiIPIPAMv3.2

Rootnetworksarecontainersfornetworkspermittingtostructureorganization'snetworks
hierarchically.Rootnetworkscancontainendnetworksaswellasotherrootnetworks.
Activatecheckboxshowrootnetstodisplaytherootnetworkswithinnetworklistview.Root
networksaredisplayedwithabrownbackground.

Fig.3:Networklistviewshowingrootnetworks

Clickingoverarootnetworksdisplaysallnetworkswhichareincludedwithinthisrangeaswellas
thefreerangesbetweenthedefinedendnetworks.

Fig.4:Rootnetworklisview

DocumentationGestiIPIPAMv3.2

2.3Showhosts
GestiIPoffersthreedifferentviewsofnetworks:hostlistview,hostoverviewandhoststatusview.

2.3.1Hostlistview
TolistallIPaddressofanetwork,openthefrontpageandclickoverthecorrespondingnetwork.

Fig.5:Hostlistview(standardcolumns)

ClickfreetoshowonlyunassignedorusedtoshowonlyassignedIPaddresses.
ThecoloredpointinfrontoftheIPaddressesshowstheresultofthelastcheckviaping(see9).
Byhoveringoverthepoint,dateoflastcheckwillbedisplayed.Clickingthepointexecutesthe
hostcheck.
hostlistviewoffersattheendofeachlinefurthermorelinksto
accessthehistoryofthisIPaddress
edittheentry
deletetheentry
andlinkstothefollowingnetworkmanipulationbuttonsatthetopofthepage.
edittoresizebitmaskoreditdescription,site,category,commentorstatusofautomatic
synchronization(see3.2.2.1)
10

DocumentationGestiIPIPAMv3.2

reservedrangestoreserveordeletereservedIPaddressranges(see3.2.2.2)
manualupdatetosynchronizethenetworkentriesagainsttheDNS(see3.2.2.3)

manualupdateviaSNMPtosynchronizethenetworksviaSNMP(see3.2.2.4)
splitnetworktosplitnetworkintosmallersubnets(see3.2.2.5)
clearnetworkdeleteallentriesofthenetwork(entriesofreservedrangeswillbe
maintained)(see3.2.2.2)
Note
Functionsreservedranges,manualsynchronization,"networkoverview"and"hoststatus
view"arenotavailableforIPv4networkswithaBMsmallerthan20andIPv6networkswithprefix
lengthsmallerthan120.

2.3.2Hostoverview
Thehostoverviewgivesanoverviewaboutthehosttypesofanetwork.

Fig.6:Hostoverview

AccesstoedithostformbyclickingonanIPaddress.

11

DocumentationGestiIPIPAMv3.2

2.3.3Hoststatusview
HoststatusviewshowsthestatusofallIPaddressesofanetworkinacompactmanner.

Fig.7:Hoststatusview

ExecutethehostcheckbyclickingonanIPaddress.Tocheckthestatusofalladdressesofa
networkclick"checkallIPs".Unassignedaddresseswillbeindicatedwithablinkingnumber.

2.3.4Hostcheck
ToexecutethehostcheckaccesstherelevantnetworkandclickoverthepointinfrontoftheIP
address.

Fig.8:"Hostcheck"executionfromhostlistview

GestiIPcheckstheIPaddresswithanICMPechorequest("ping")andexecutesaDNSPTR
12

DocumentationGestiIPIPAMv3.2

query.WhentheIPaddresshasanPTRentry,GestiIPexecutesaDNSAquerywiththeresultof
thePTRquery.

Fig.9:Hostcheckwindow

Thehostcheckisalsoavailablefromhoststatusviewandfromtheedithostform.
Note
IfresultsofDNSAandPTRquerydon'tcorrespondmakesurethatthereisnoDNS
misconfiguration.

13

DocumentationGestiIPIPAMv3.2

2.4Searchfunctions
GestiIPofferstwodifferentsearchengines.Thequicksearchandtheadvancedsearch.
Note
YoucanexportthesearchresulttoCSVformatbyclickingthelinkexportsearchresult.

2.4.1Quicksearch
Thequicksearchfornetworksandforhostsinthemenubarareaccessiblefromallpages.
Thequicksearchfornetworksexecutesasearchinthefollowingdatabasefields:network(IP),
description,site,category,commentandcustomnetworkcolumns.
ThequicksearchforhostentriessearchesthefieldsIP,hostname,description,site,type,comment
andcustomhostcolumns.
ThequicksearchallowsInternetSearchEngineequivalentexpressionslikestring_to_ignore,
+exact_matchand"exactmatch".Asinglestringwillbeprocessedlike"%searchstring%".By
usingsearchstring"192",GestiIPlistsallnetworkswithanIDcontaining"192".Withsearch
string"dhcp",itlistsallnetworkswithdescriptionsorcommentscontaining"dhcp".Withsearch
string192proditwilllistallnetworksofproductionenvironmentwhoseIDcontains192.
Thesearchisn'tcasesensitive.
Searchexpressionexamples:
entry:foobar
expression

result

fo

match

FO

match

foo

match

barfoo

match

fooba

match

foobar

nomatch

+fo

nomatch

+foo

match

"barfoo"

nomatch

"foobar"

match

"ooba"

match
14

DocumentationGestiIPIPAMv3.2

2.4.2Advancednetworksearch
Theadvancedsearchexecutesasearchinspecificdatabasefields.

Fig.10:Advancednetworksearch

Youcansearchforinstanceallproductionnetworkswhicharenotincludedwithintheautomatic
synchronization(see9)orallnetworksofsitexywherethedescriptioncontains"backup".
Whenthecheckbox"tochange/deletenetworks"ischecked,thenetworkmanipulationbuttons
change,ranges,synchronize,split,clearanddeletenetworksareshownwithinthesearchresult.
Note
Ifyouhavemultipleclientsconfigured,thereappearsthenewcheckboxclientindependent
searchwhichpermitstoexecuteasearchthroughGestioIP'sdatabaseignoringtowhichclientthe
networkbelongs.Theclientwillbeshownwithinthesearchresult.

2.4.3Advancedhostsearch
Ifthecheckbox"exactmatch"behindthehostnamefieldischecked,onlyhostswithhostname
entriesidenticaltothesearchstringwouldbelisted.Ifnot,thesearchstringwouldbeprocessed
like"%search_string%".
Example:searchfor"foo"
Resultwithoutmarkedcheckbox:foo,foo1,foo.bar.com...
Resultwithmarkedcheckbox:foo

15

DocumentationGestiIPIPAMv3.2

2.5History
Thehistoryisavailableforboth,networksandhosts.ItlistsIPaddressornetworkspecificevents
fromtheauditdb.Accessnetworkhistoryfromthenetworklistviewandhosthistoryfromhostlist
viewbyclickingthe icon.
Note
Historyinformationisextractedfromauditlog.Deletingoldauditeventscauseshistoryentriesto
alsobedeleted.

2.6Audit
TheauditsystemlogsalleventstoGestioIP'sdatabase.
Toaccesstheauditlogclickon"manage">"audit".

Fig.11:Auditlogfilter

Theauditpageoffersflexiblesearchandfilterfunctionsforallauditfields.
"timerange"or"datefrom...to"marktheradiobuttontoeithershowentriesofatime
range(e.g.last4weeks)ortospecifyastartandanenddate.
"searchstring"searchforanindividualsearchstring.Searchesallauditspecificdatabasefields.
"type"searchforaspecificeventtype.
GestiIPrecognizesthefollowingeventtypes:
eventtype

description

man

manualeventslaunchedfromGestiIP'swebinterface

auto

eventcreatedbytheautomaticupdatingofGestiIPv2.2.5(DNS,OCS,import
16

DocumentationGestiIPIPAMv3.2

viaSNMP)
mandns

manualnetworksynchronizationagainsttheDNS(viaWebinterface)

autodns

automaticnetworksynchronizationagainsttheDNS

autoocs

automaticnetworksynchronizationagainsttheOCSInventoryNG

mansnmp

manualimportofnetworksfromsnmpenableddevices

autosnmp

automaticimportofnetworksfromsnmpenableddevices

mannetsheet

manualimportofnetworksfromspreadsheet

manrange

Eventsinrelationwithranges(create,delete)

manhostsheet

manualimportofhostsfromspreadsheet

redcleared

allentriesofanetworkmanuallydeleted

"class":Searchforeventclass
GestiIPrecognizesthefollowingeventclasses:
eventclass

description

host

foreventsrelatedtohostentries(e.g.hostdeleted,hostedited,...)

net

foreventsrelatedtonetworks(e.g.networkadded,networksplit,reservedrange
added,networksynchronizedagainstDNS,...)

security

foreventsrelatedtosecurity(e.g.oldauditeventsdeleted)

dns

unused

admin

ForchangesinGestioIP'sconfiguration

conf

automaticnetworksynchronizationagainsttheDNS

man_vlan

manualeventsrelatedtotoVLANs

vlan_auto

automaticupdateofVLANdatabase

ini_man

Manualexecutionofdiscoveryprocess

ini_auto

unused

AS

Foreventsrelatedtoautonomoussystems

ASclient

Foreventsrelatedtoautonomoussystemsclients

line

Foreventsrelatedtoleasedordialuplines

lineclient

Foreventsrelatedtoleasedordialuplinesclients

"event":Searchforeventslike(hostedited,hostdeleted,rangeadded,...)
17

DocumentationGestiIPIPAMv3.2

"entries/page":Definethenumberoffoundentriesperpage.
user:Canbefoundusingthefieldsearchstring.

Theshownusercaneitherbeasystemuser(forAUTOevents)oraGestiIPuser(forMANevents
createdfromactionscarriedoutmanuallyviafrontendWeb).
Note
Ifyouconfigureauthenticationwithindividualaccounts,auditwillshowindividualusers(see2.6).
Whenusinggenericaccounts(e.g.gipadmin)itisnotpossibletodirectlyreproducewhohasmade
whichchanges.
Formatofentries:
Hostsevents:IP,hostname,description,site,category,comment,administrativeinterface
Networkevents:IP/bitmask,description,site,category,comment,synchronized
Note
Ifyouhavemultipleclientsconfigured,thereappearsthenewcheckboxallclientswhich
permitstoperformaclientindependentsearchthroughGestioIP'sdatabase.Theclientwillbe
shownwithinthesearchresult.
Note
Todeleteoldauditeventsortoseehowmanyeventsarecurrentlystoredinthedatabase,goto
manage>"manageGestiIP

18

DocumentationGestiIPIPAMv3.2

3Administration
3.1Administrationofhostentries/IPaddresses
Tomanagehostentries/IPaddresses,accesshostlistviewbyclickingontherelevantnetwork.

Fig.12:Hostlistview

3.1.1Insertoredithostentries
Clickonthe"edit"icon

behindtheIPaddresstoinsertoredithostentries.

Fig.13:Edithostformwithenabledcustomcolumnsvendor,modelandURL

19

DocumentationGestiIPIPAMv3.2

HostnameNametoidentifythenode.Ifanodehasmorethanoneinterfaceitisadvisableto
introducethesamehostnameforallIPsortointroducethehostnameinthecommentfieldofallIPs
ofthenodesothatthesearchfunctionfindsallIPsofanodewhensearchingforitshostname
mandatoryfield
DescriptionShortdescriptionofthenodeoptionalfield
SitePhysicallocationofthenodemandatoryfield
CategoryCategoryofthenodeoptionalfield
AI(AdministrativeInterface)TomarktheIPaddresstoaccessthenode(toadministrateit)in
casethenodehasmorethanonenetworkinterfaceoptionalfield
CommentTopointoutwhateverseemstobeinterestingregardingthisnodeoptionalfield
UT(UpdateType):RelevantformanualsynchronizationagainstDNSandautomaticupdate(see
9)

manEntrieswhicharemarkedas"man"willneverbeoverwritten.

ocsEntriescreatedbytheautomaticupdateagainstanOCSInventoryNG.Entries
whicharemarkedas"ocs"willnotbeoverwrittenbymanualorautomaticupdate
againstDNS.

dnsForentriescreatedbymanualorautomaticupdateagainstDNS.Entrieswhichare
markedas"dns"willbeoverwrittenbyautomaticupdateagainstDNSandOCS.

Entrieswithnoupdatetypewillbeoverwrittenbymanualandautomaticupdateagainst
DNSandOCS.
Customcolumns
Withconfiguredpredefinedorselfdefinedcolumnsthereappeartextboxesforeveryofthese
columns,permittingtoeditthevalue(see3.9).
Note
Topreventanentryfrombeingoverwrittenbytheautomaticupdate,itmustbeclassifiedas
"man".

3.1.2Deletehostentries
Clickdelete"

todrophostentriesfromGestiIP'sdatabase.

20

DocumentationGestiIPIPAMv3.2

3.1.3Hostmassupdate
Hostmassupdatefeatureoffersthepossibilitytoperformactionsonmultiplehostentriesatonce.
Itallowstoeditoneormultiplehostcolumnentriesortodeletemultiplehostentries.

3.1.3.1Editmultiplehostentries
Toeditmultiplehostentriesaccesstohostlistview,markthecorrespondingcheckboxesinfrontof
thehostentriestoedit,selectactiontypeedit,selectthecolumnstoeditandpressmassupdate

Fig.14:Editmultiplehostentries

Editthevaluesandpresschangetosavethemtothedatabase.

Fig.15:Editmultiplehostentriesform

21

DocumentationGestiIPIPAMv3.2

Note
Ifaentrywithoutassignedhostisedited,thehostnamewillbeautomaticallysettounknown
NoteforcustomcolumnURL
CustomcolumnURLallowstousevariablesfortheIPaddressesandforthehostnames(see
3.9.1).
IftheURLentryisequalforallselectedhost,theentrywillbeproposedasURLvaluewhen
enteringmultiplehostentriesform.

3.1.3.2Deletemultiplehostentries
Todeletemultiplehostentriesaccesstohostlistview,markthecorrespondingcheckboxesinfront
ofthehostentriestodelete,selectactiontypedeleteandpresschange.

22

DocumentationGestiIPIPAMv3.2

3.2Networkadministration
GestiIPoffersseveraltoolstocreate,deleteormanipulatenetworks.

3.2.1Newaddnetworksmanually
Toaddanewnetworksmanually,clicknetworks>"new"onthemenubar.
Thenewformoffersthepossibilitytocreateonenetwork,multipleconsecutivenetworkswiththe
samebitmasksormultipleconsecutivenetworkswithdifferentbitmasks.

3.2.1.1Createonenetwork

Fig.16:"newnetwork"formcreateonnetwork

networkIDofthenetwork.e.g.:192.168.0.0mandatoryfield
BM(bitmask)Bitmaskofthenetworkmandatoryfield
descriptionShortdescriptionofthenetworkmandatoryfield
commentOptionalcomment
siteWhereisthenetworkphysicallylocated?Whenthesiteofthenetworkischanged(or
renamed),siteofthehostentriesofthenetworkwillbechangedaswellmandatoryfield

23

DocumentationGestiIPIPAMv3.2

categoryTocategorizethenetworkine.g.production,preproduction,developmentmandatory
field
rootnetworkcheckthisboxifthenewnetworkshouldbearootnetwork
includenetworkwithinautomaticupdateToincludethenetworkwithintheautomaticupdate
(see9)onlyavailableforendnetsoptionalfield

Clickonthecalculatelinktocheckwhethernetworkandbitmaskarecorrectlyintroduced.

3.2.1.2Createmultiplenetworkswithsamebitmasks
Withthecreatemultiplenetworksformitispossibletocreateupto50consecutivenewnetworksin
onestep.EnterthenetworkID(e.g.172.16.0.0),chooseabitmaskandchoosethenumberof
networkstocreate.

Fig.17:"newnetwork"formcreatemuliplenetworkswithsameBMs

3.2.1.3Createmultiplenetworkswithdifferentbitmasks
Withthisformyoucancreatemultiplenetworkswithdifferentbitmasks.
Introducethebitmasksinthefollowingformat:/BM1/BM2[/BMn].
24

DocumentationGestiIPIPAMv3.2

Fig.18:"newnetwork"formcreatenewnetworkswithdifferentBMs

Example
Tocreatenetworks4.4.1.0/25,4.4.1.128/27,4.4.1.160/27,4.4.1.192/26inonestep,introducethe
followingvalues:
firstnetwork:4.4.1.0
bitmasks:/25/27/27/26
Note
"showfreeranges"viewoffersthepossibilitytocreatenewnetworksdirectlybyclickingafree
range.

3.2.2Change/deletenetworks
Clicknetworks"change/delete"onthemenubartoaccessthenetworkmanipulationform.

Fig.19:"change/delete"networkform

25

DocumentationGestiIPIPAMv3.2

Thechange/deleteformoffersthefollowingfunctions:
EditToresizebitmaskoreditdescription,site,category,commentorstatusofautomatic
synchronization(see3.2.2.1)
ReservedrangesToreserveordeletereservedIPaddressranges(see3.2.2.2)
ManualsynchronizationviaDNSToupdatethenetworkentriesagainsttheDNS(see
3.2.2.3)
ManualsynchronizationviaSNMPToupdatethenetworkentriesviaSNMP(see
3.2.2.4)
SplitnetworkTosplitnetworkintosmallersubnets(see3.2.2.5)
ClearnetworkDeleteallentriesofthenetwork(entriesofreservedrangeswillbe
maintained)(see3.2.2.2)
DeletenetworkDeletenetworkwithallentriesandreservedranges(see3.2.2.7)

3.2.2.1Edit
Click"networks">"change/delete/">edit toresizethebitmaskortoeditdescription,site,
category,comment,sync(synchronization)orcustomcolumnsvalues.

Fig.20:"editnetwork"formwithenabledcustomcolumnVLANs

26

DocumentationGestiIPIPAMv3.2

Foradescriptionofthefieldssee3.2.1.
ClickingontheIPaddressexecutesthehostcheck.

3.2.2.2Reservedranges
GestiIPoffersthepossibilitytoreserverangesforspecialusage(e.g.forDHCP).Thisoptionis
onlyforIPv4networksavailable.
Creatingareservedrange,GestiIPaddsacommenttothecorrespondingnetworkandtothehosts
thatareincludedintherange.ThehosttypeoftheIPaddressesofthereservedrangeis
predetermined(butchangeable).Thismeansthatautomaticupdatesetshosttypeautomatically
whencreatingnewhostentrieswithinreservedranges(e.g.rangetype:workst(DHCP)=>host
type:workst).
Clicknetworks>change/delete>ranges

toaccessrangemanipulationform.

Note
HostoverviewshowsIPaddressesofreservedrangeswithagraybackground.
Insertranges
MarkthefirstandthelastIPaddressoftherangeyouwanttoadd,insertashortdescriptive
commentandmarktherangetype(hosttypesofthereservedrange).Thenclickaddtocreate
thenewrange.

Fig.21:"newrange"form

27

DocumentationGestiIPIPAMv3.2

Note
Ifyousetconfigurationparameterdyn_ranges_onlytoyes(see9.3),automaticupdatewill
onlyprocessentriesofreservedranges.
Note
Whencreatingareservedrange,allentriesbetween"FirstIP"and"LastIP"willbedeleted.
Deleteranges
Todeleteareservedrangeaccesstotherangemanipulationform,choosetherangeyouwantto
deleteandpress"delete"button.ThiswilldeletetherangewithallofitsentriesfromGestioIP's
database.

Fig.22:"deleterange"form

Note
Whensplittingnetworkswithreservedranges,therangesandalloftheirentrieswillbedropped.

3.2.2.3ManualupdateagainstDNS
Thefunction"sync" (networksynchronizationagainstDNS)isintendedtoupdateallIP
addressesofanetworkwiththeactualDNSentries.Thenetworksynchronizationexecutesan
ICMPechorequest(ping)toallIPaddressesandanrDNSqueryofallIPaddressesofthenetwork.
Thedecisionifandhowanentryisupdatedfollowsthefollowingscheme:
Answerstoping?

rDNSentry
configured?

Matchignoreor
ignore_generic_auto?

Update? Hostnamesetto

Yes

Yes

Yes

Yes

unknown

Yes

Yes

No

Yes

rDNSname

Yes

No

Yes

unknown

28

DocumentationGestiIPIPAMv3.2

No

Yes

Yes

No

No

Yes

No

Yes

rDNSname

No

No

No

Note
Updatetypeocsormanavoidsthatmanualsynchronizationupdatestheseentries(see3.1.1).
Note
TopreventthatthenetworksbeingfilledwithgenericrDNSentriesread3.2.2.3.1.

3.2.2.3.1GenericrDNSentries

GenericrDNS(PTR)entriesareoftenusedinrelationwithdynamicassignedIPaddressesorto
preventnetworkreversediscovery.WithconfiguredrDNSentriesyouwillgetavalidanswerto
rDNSqueriesforalladdressesofanetwork(butwithoutusefulinformationcontent).GenericrDNS
entriesmaylooklikethis:
1245.domain.org
2245.domain.org
3245.domain.org
....
GestiIP'supdatefunctions(AUTOandMAN)updateunassignedaddresseswhentheyreceivea
validanswertoanrDNSquery.Thiscausesthedatabasetobefilledwith(undesired)rDNSentries.
GestiIPofferstwomechanismstopreventtheupdatefromactualizingthenetworkwithgeneric
rDNSentries(like10245.domain.org):
ignoregenericauto:Setthisvalueto"yes"iftheupdatescriptshouldignoreDNSentriesthat
matchautogeneratedgenericrDNSstringsandthatdoesnotrespondtoping.
Example:
IPaddress

autogeneratedgenericrDNSstring(generatedbyGestiIP)

192.168.200.8

192168200
200168192
1682008
8200192
29

DocumentationGestiIPIPAMv3.2

Withignoregenericautosetto"yes"theautogeneratedgenericrDNSstringmatchesifyour
rDNSentrieslooklike
19216820015.some_stringor15200168192.abc.de.fg
IPaddresseswithrDNSentriesthatmatchautogeneratedgenericrDNSstringsbutdontanswer
topingwillbeignored.Iftheaddressanswerstopingandmatchesautogeneratedgeneric
rDNSstrings,thehostnameissettounknown.
ignore:IfyouuseaschemeforrDNSentriesotherthantheschemessupportedbyGestiIP,the
stringstobeignoredcanbesetheremanually.Thefieldacceptsasinglestringoracomma
separatedlistofstringstoignore.
Example:
ToavoidthatanetworkisfilledwithgenericPTRentrieslike10.200.168.192.domain.organd
55.0.16.172.domain.orgsetthe"ignore"variableto:
200.168.192,0.16.172
MakesurethatthestringtoignoreisspecificforyourrDNSentries.Ifyousetignoreinthe
exampleaboveto"domain",thegenericrDNSentrieswillbeignoredbutentriessuchas
"host.domain.org"("goodentries")willbeignoredaswell.
Note
ConfigureignoreandignoregenericautoglobalconfigurationparametersfrommanageGestiIP
form(see3.6).

30

DocumentationGestiIPIPAMv3.2

3.2.2.4ManualhostupdateviaSNMP
ThemanualhostupdateviaSNMPofferstheoptiontoupdatethehostentriesofanetworkby
queryingallIPsviaSNMP.Click
toaccesstomanualupdateform.
ManualupdateviaSNMPwilltrytoconnecttoeveryIPaddressofthenetworkandactualizehost
informationwithfoundvalues.

Fig.23:ManualupdateviaSNMPform

Insertacommunityname(SNMPv1/2c)orausername(SNMPv3),chooseSNMPversionandclick
discovertostarttheupdateprocess.
Note
ExecutionofmanualhostupdateviaSNMPmaytakesomeminutes.
Note
HostupdateviaSNMPactualizespredefinedhostcolumns,too(see3.9).
Note
GestiIPcurrentlysupportsonlySNMPv3withtheSecurityLevel'noAuthNoPriv'.

3.2.2.5Split
Thesplitnetworkformoffersthepossibilitytosplitanetworkeitherintosmallernetworkswiththe
samebitmasksorintosmallernetworkswithdifferentbitmasks.
Clicknetworks>change/delete>"split"

toaccessthesplitnetworkform.
31

DocumentationGestiIPIPAMv3.2

Fig.24:"splitnetwork"form

Tosplitnetworksintosmallernetworkswiththesamebitmaskselectthenewbitmaskandclick
send.
Tosplitnetworksintosmallernetworkswithdifferentbitmasksinserta/(slash)separatedlistof
thebitmasksofthenewsubnetsinthebitmasksfield(/bitmask1/bitmask2[/bitmaskN])andclick
send.
Example
Ifyouwanttosplitnetwork172.16.5.0/24intothenetworks
172.16.5.0/25
172.16.5.128/26
172.16.5.192/26
introduce/25/26/26intothebitmasksfield.
Whenthe"bitmasks"arecorrectlyintroduced,alistofthenewsubnetsisshown.Ifthelistis
correct,introducedescription;choosesitesandcategoriesforthenewnetworksandpress"send"to
splittheoriginalnetworkintothenewsubnets.Ifthebitmasksareincorrectlyintroduced,adetailed
errornotificationwillbedisplayed.

32

DocumentationGestiIPIPAMv3.2

Fig.25:Confirmsplitnetwork

Ifthenewnetworksdontincludetheentireoriginalnetwork,awarningwillbedisplayed.By
clickingsendthenewnetworkswillbecreatedandthehostsoftheoriginalnetworkthatarenot
includedwithinthenewrangeswillbedropped.
Note
Splittinganetworkcausesallreservedrangesofthisnetworktobedropped.

3.2.2.6Clear
Clicknetworks>change/delete>"clear"

todeleteallentriesofanetwork.

3.2.2.7Delete
Clicknetworks>change/delete>"delete"
reservedrangesfromGestiIP'sdatabase.

todeletethenetworkwithallofitsentriesand

3.2.2.8Networkmassupdate
Networksmassupdatefeatureoffersthepossibilitytoperformactionsonmultiplenetworkentries
33

DocumentationGestiIPIPAMv3.2

atonce.
Itallowstoeditoneormultiplenetworkcolumnentries,toclearnetworks(deleteallhostentries)
andtodeletemultiplenetworks.
Gotonetworkchange/deletetoaccesstonetworkmassupdateform.

3.2.2.8.1Editmultiplenetworkentries
Toeditmultiplenetworksmarkthecheckboxinfrontofthenetworkstoedit,selecteditfrom
actionselectbox,selectthecolumnstoeditandpressmassupdate.

Fig.26:Networkmassupdate

Edit/selectthenewvaluesandpresschangetosavethemtothedatabase.

Fig.27:Networkmassupdateeditform

3.2.2.8.2Clearmultiplenetworks
Todeletethehostentriesofmultiplenetworksmarkthecheckboxinfrontofthecorresponding
networks,selectactiontypeclearandpresschange.
34

DocumentationGestiIPIPAMv3.2

3.2.2.8.3Deletemultiplenetworkentries
Todeletemultiplenetworksandalloftheirhostentriesmarkthecheckboxinfrontofthe
correspondingnetworks,selectactiontypedeleteandpresschange.

3.2.3Joinnetworks
Tojoinnetworksclicknetworks>change/delete>"join"onthemenubar.
MarktwonetworksthatyouwishtojoinandpressENTERorclick"join"atthebottomofthepage.

Fig.28:Joinnetworksform

Thenetworksdonotneedtobeconsecutive.GestiIPsuggestsonewaytojointhenetworks.The
suggestioncanbeacceptedorthenewnetworkcanbeintroducedmanually.Incaseitisnot
possibletojointhenetworksdirectly,GestiIPoffersthepossibilitytointroducethenewnetwork
manually.
Formatofnetworkformanualintroduction:network/bitmaske.g.192.168.0.0/24

Fig.29:Confirmjoinnetworks

35

DocumentationGestiIPIPAMv3.2

3.2.4Showfreeranges
Foranoverviewoftheunusedspacesbetweentheexistingnetworksclicknetworks>"showfree
rages"onthemenubar.Clickontheunusedspacetocreateoneormultiplenetworksdirectlyfrom
theunusedspace.

Fig.30:Freeranges

3.2.5Subnetcalculator
GestiIP'ssubnetcalculatorsupportsbothclassfulandclasslessnetworks.
Clicknetworks>"subnetcalculator"onthemenubartoopenthesubnetcalculatorwindow.

Fig.31:Integratedsubnetcalculator

36

DocumentationGestiIPIPAMv3.2

Note
ThesubnetcalculatoracceptsIPsinintegerformat,too.
Note
Thesubnetcalculaterisalsoavailableasonlineversion:http://www.gestioip.net/cgi
bin/subnet_calculator.cgi

3.3VLANs
GestiIPincorporatesanautomatedVLANmanagementsystemintegratingthepossibilitytoimport
VLANseasilyfromnetworkdevicesviaSNMP.
ThepredefinednetworkcolumnVLANsisaimedtoassociateVLANstospecificnetworks.With
configuratedVLANcolumn,VLANinformationwillbeshownwithinnetworklistview(see3.9).

3.3.1show,edit,delete
AccesstoVLANlistview("VLANs">"show")toshow,editordeleteVLANs.

Fig.32:ShowVLANs

Clickoverthe

symboltoopentheVLANsearchform.

37

DocumentationGestiIPIPAMv3.2

VLANlistviewfeaturesthefollowingcolumns
numberVLANnumber(mandatory).
nameVLANname(mandatory).
descriptionAdescriptionfortheVLAN(optional).
providerTheremightbeVLANswithdifferentInternetServiceProviders(ISPs)contracted.This
columnallowstospecifyanInternetServiceProvider(optional).
devicesThiscolumnliststhenetworkdeviceswheretheVLANwasfoundbyVLANdiscovery.
HoveringovertheIPaddressdisplaysthedevicename.Thisfieldcannotbeeditedmanually.
unifiedVLANsToassociatesameVLANswhichappearsindifferentdeviceswithdifferent
names(e.g.VLAN1mayhavethename"default"ononeand"default_vlan"onanotherdevice)
(see3.3.3).

3.3.2New
Clickover"VLANs">"new"tointroducenewVLANsmanually.

Fig.33:NewVLANform

3.3.3Unify
UnifyVLANsisaimedtoassociatesameVLANswhichappearindifferentdeviceswithdifferent
names,sothattheyappearlikeoneVLANinGestiIP'sdatabase.
BecauseVLANnameisconfiguredmanuallybynetworkadministrators,sameVLANsmayappear
indifferentdeviceswithdifferentnames(e.g.VLAN1mayhavethename"default"ononeand
"default_vlan"onanotherdevice).AutomaticVLANimportationwillimportthatkindofVLANs
likedifferentVLANs.ThatcausesthatthisVLANswillappearliketwoVLANsinVLANlistview.
Withunifyoptionit'spossibletoassociatethisVLANssothattheyappearlikeoneVLANin
38

DocumentationGestiIPIPAMv3.2

GestioIP'sVLANlistview.
Click"VLANs">"unify"toaccessVLANunifyform.ThereappearonlyVLANswithsame
numberbutdifferentnames.MarktwoormoreVLANswithsamenumbersthatshouldbeunified
andclick"unify"atthebottomoftheVLANlist.

Fig.34:UnifyVLANsform

SelectthenamethatshouldappearfortheunifiedVLANandclick"send"tounifytheVLANs.

Fig.35:UnifyVLANsform

3.3.4VLANprovider
AnorganizationmayhaveVLANswithISPscontracted.OptionVLANproviderisintendedto
associatethisVLANswithanISP.

3.3.4.1ShowVLANprovider
Click"VLANs">"showVLANproviders"tolist,editordeleteVLANproviders.

39

DocumentationGestiIPIPAMv3.2

3.3.4.2NewVLANprovider
Click"VLANs">"newVLANproviders"toaccessnewVLANproviderform

Fig.36:AddVLANproviderform

Toaddanewproviderintroduceanameandanoptionalcommentandclick"add".

3.3.5ImportVLANsviaSNMP
Clickimport/export>importVLANsviaSNMPtoaccesstoVLANimportationform.

Fig.37:ImportVLANsform

ImportVLANsfunctioncanbelancedagainstonedevicebyintroducinganIPAddress(textfiled
node)oragainstmultipledeviceswhichareclassifiedlikeL2deviceorL3devicebymaking
themintheLayerIIdevicesorLayerIIIdevicesselectbox.

40

DocumentationGestiIPIPAMv3.2

Note
IftherearenodevicesclassifiedwithhosttypeL2orL3device,thereappearsthenote"Nolayer
II/IIIdevicesdefined".Tochangethehosttypeofadevicegoto"shownetworks",accesstothe
correspondingnetworkandclickdevice"edithost"button.
Note
Column"switches"ofVLANoverviewwillonlybeupdatedifdiscoveryislancedagainstadevice
fromLayerIIorLayerIIIdevicesselectbox.
Note
VLANdiscoveryisbaseonthePerlModuleSNMP::Info(see9.5.1.1).VLANdiscoveryworksonly
withdevicessupportedbySNMP::Info.Consultthedevicecompatibilitymatrixtoverifyifyour
devicesaresupported(http://netdisco.org/DeviceMatrix.html).Ifthedeviceisnotsupportedorifit
isnotpossibletoconnecttothedevice,GestiIPwilldisplaythemessageCANNOTCONNECT.

3.4Autonomoussystemmanagement
GestiIPfeaturesasimplemanagementsystemforautonomoussystems.Tousethisfeatureyou
needtoenableautonomoussystemsupportfrommanage>gestioip(see3.6.1).Thisfeatureis
thoughttobeusebyInternetserviceproviders(ISP).

3.4.1show,edit,delete
Accesstoautonomoussystemslistviewtoshow,editordeleteAS("AS">"show").

Fig.38:Autonomoussystemlistview

Clickoverthe

symboltoopentheASsearchform.

ASnumberASnumber(mandatory).
descriptionAdescriptionfortheAS(optional).
ASclientTheclienttowhichtheASisassignedto(optional).
ASclienttypeThetypeofclienttowhichtheASisassignedto(optional).
commentAoptionalcomment.
41

DocumentationGestiIPIPAMv3.2

Click
Click

toedittheAS
todeletetheASfromGestiIP'sdatabase

3.4.2new
Clickover"AS">"new"tointroducenewASmanually.

Fig.39:Newautonomoussystemform

3.4.3showASclients
Autonomoussystemclientsallowtospecifytowhichclientanautonomoussystemisassignedto.
AccesstoASclientlistviewtoshow,editordeleteASclients.

3.4.4newASclient
TointroduceanewASclientclickoverASnewASclient.

3.5Linemanagement
GestiIPfeaturesamanagementsystemforleasedanddialuplines.Tousethisfeatureyouneedto
enablelinesupportfrommanage>gestioip(see3.5)

3.5.1show,edit,delete
Accesstoleastlinelistviewtoshow,editordeletetheleasedlines("lines">"show").

42

DocumentationGestiIPIPAMv3.2

Fig.40:Lineslistview

Clickoverthe

symboltoopentheASsearchform.

providerISPfromwhichthelineiscontracted
typetypeofthedialupline(e.g.leasedordialup)
serviceservice(e.gT1,T3,...forleasedorADSL,SDSL,ISDN,fordialup)
descriptionanoptionaldescription
phonenumberphonenumberprovidedbytheIPS(fordialuplines)
adnumberAdministrativnumberassignedbytheISP
sitethesitewheredialuplineends
roomtheroomwherethedialuplineends
connecteddevicedevicewhichisconnectedtotheleasedline(e.g.manufacturer,model)
commentanykindofcomments

3.5.2new
Clickover"lines">"new"tointroducenewleasedordialuplinesmanually.

Fig.41:Newlineform

43

DocumentationGestiIPIPAMv3.2

3.5.3showlineprovider
Lineproviderallowtospecifyfromwhichprovideraleasedordialuplineiscontracted.

3.5.4newlineprovider
Tointroduceanewlineproviderclickoverlinenewlineclient.

3.6ManageGestiIP(globalconfigurationparameters)
GestiIP'sconfigurationisdividedinfoursections:

Clientindependentconfigurationparameters
Clientspecificconfigurationparameters
Deleteauditevents
Resetdatabase/deletenetworks

Toconfigureglobalconfigurationparametersortodeleteoldauditeventsfromthedatabaseclick
manage>"manageGestiIP"fromthemenubar.

3.6.1Clientindependentconfigurationparameters
defaultclientClienttodisplaywhenaccessingtoGestiIP.
IPv4onlymodToenableIPv6supportsetthisparametertono.WithenabledIPv6support
therewillappearnewIPv6relatedelementswithinmanyformsallowinge.g.toimport/export,
discoverandmanageIPv6networksandhosts.
AutonomoussystemsupportSetthisparametertoyestoenabletheautonomoussystem(AS)
managementsystem.WithenabledASsupportthereappearanewitemASwithinthemenubar
allowingtoaccesstotheASrelevantforms(see3.4).
LinessupportSetthisparametertoyestoenabletheleasedanddialuplinemanagement
system.Withenabledlinesupportthereappearanewitemlineswithinthemenubarallowingto
accesstotheLeastlinemanagementrelevantforms(see3.5).
askforconfirmationIfthisparameterissettoyes,therewillbeaconfirmationwindow
displaywhenexecutingcriticalactionslikeclearnetworkordeletenetwork.

44

DocumentationGestiIPIPAMv3.2

MIBdirectoryDirectorywhereNetdiscoMIBsarestored(see9.5.1.1).
VendorspecificMIBsManufacturerspecificdirectories.Thisparametershouldbeonlybeedited
afterupdatingtoanewerversionofNetdiscoMIBs.
Afterchangingtheparametersclicksettosavethenewvalues.

Fig.42:Clientindependentconfigurationparameters

Note
AfterenablingASorlinesupportbyclickingset,thenewmenuelementsAS
(autonomoussystems)andlineswillnotappearinstantly.Theywillappearafterclickingthe
nexttimeoveranylink.

3.6.2Clientspecificconfigurationparameters
Withtheclientspecificconfigurationparametersit'spossibletoinfluenceGestiIP'scomportment.

3.6.2.1SmallestimportableBM

45

DocumentationGestiIPIPAMv3.2

smallestimportableBMIPv4networkswithabitmasksmallerthanthisparameterwillnotbe
imported.
Example
IfGestiIP'sSNMPbaseddiscoverymechanismimportsthenetwork192.168.0.0/16fromarouter,
allothernetworkswithinthisrange(e.g.192.168.0.0/24,192.168.1.0/24,)whicharefoundlater
wouldbeignoredbecausetheyareoverlappingwiththenetwork192.168.0.0/16.Toavoidthat
networkswithabitmaskof/16willbeimportedsetthisparametertoavalue>=17.
Note
Thisparameterhaschangedfromolderversion.InversionsbeforeGestiIPv3.0,networkswitha
bitmask<thevalueofsmallestimportableBMwherenotpresentableinthehostviews.GestiIP
v3.0haseliminatedthislimitandallowsnowtolistIPv4networkswithanykindofbitmask.
Note
ThisparameterinsnotrelevantforIPv6discovery.AllIPv6networkswithaprefixlengthsmaller
than64willbeautomaticallyclassifiedasrootnetworkandbecauseofthis,thisnetworkswill
notcauseoverlappingerrors.

3.6.2.2Pingtimeout
"ping"timeoutGestiIPworkswithNet::Ping::ExternalPerlmodule.Becausethemodule
ignorestimeoutargumentunderLinux,hostcheckandupdateagainstDNSworkwiththedefault
timeoutof10s.PatchNet::Ping::ExternalPerlmoduletomakethefunctionswhichuse"ping"faster
(withatimeoutof2secondsitwouldbe5xfaster).
Seehttp://www.gestioip.net/docu/Ping_External_Timeout_Problem.txtforinstructionsonhowto
patchit.

3.6.2.3DNSserver
ThefollowingparametersarerelatedtotheDNSserverstousefortheactualclient:
usedefaultresolverCheckthisradiobuttonifDNSqueriesforthisclientshouldbelanced
againstthedefaultDNSserver(specifiedin/etc/resolv.conf)(default)
specifyDNSserverCheckthisradiobuttonifDNSqueriesforthisclientshouldbelanced
againstcustomDNSservers(hostcheck,updateagainstDNS,updateviaSNMP).
DNSserverIIIISpecifyheretheDNSServertoqueryinthecasethatspecifyDNSserver
radiobuttonischecked.
Note
46

DocumentationGestiIPIPAMv3.2

GestiIPv3.0doesnotsupportsignedDNSzonetransfers(TSIG).Thiswillbeimplementedinnext
versionv.3.1.

3.6.2.4Manualupdate
Thefollowingparametersarerelatedtomanualupdate:
ignoreStringthatmatchgenericrDNSentriesinthecasethatyourgenericrDNSentriesdon't
match"genericautoPTRentries"(seeignoregenericauto).Thisoptionhelpsupdatetorecognize
genericrDNSentries.Example:rDNSentry:dhcp2.3.5.2.gestioip.net>ignore:dhcp
ignoregenericautoSetthisvalueto"yes"iftheupdatescriptshouldcreateautogenerated
genericrDNSentries.Example:IP:1.2.3.4>genericautoPTRentriesgeneratedbyGestiIP:43
2and234(default:yes).
See3.2.2.3.1formoreinformationaboutignoreandignoregenericautovariables
genericdynamicnameSetheregenericnamesthatmatchthehostnamesassociatedbyanDHCP
server.IfanIPaddresshasanentryinthedatabasethatmatchgenericdynamicnameanddoesnot
respondtopingitwouldbedeleted.IfyouusebothupdateagainstDNSandupdateagainstOCS
InventoryNG,thisparameteralsoavoidsactualizationcreatedbyupdateagainstOCSthatmatch
genericdynamicnamefrombeingoverwrittenbyupdateagainstDNS(inthecasethat
synchronizationagainstOCS'sconfigurationvalue"set_update_type_to_ocs"issetto"no")(coma
separatedlist,casesensitive).
Example:IfyourdynamicallyassignednameslooklikePC001,PC002,LAP001,LAP002set
genericdynamicnametoPC,LAP.
maxnumberparallelprocessesMaximumnumberofparallelprocessestoforkwhenupdating
networks(eachprocessexecutesapingto,andaDNSAandPTRqueryofoneIPaddress).
IncreasingthisvaluereducesexecutiontimebutincreasesCPUload;decreasingthevalueincreases
executiontimebutreducesCPUload.
(IfthemachinethatrunsGestiIPisn'ttoooccupied,avalueof254shouldn'tbeaproblem).
Afterchangingtheparametersclicksettosavethenewvalues.
Note
HighvaluesofmaxnumberparallelprocessesmayalsocausepeaksoftheCPUloadoftheDNS
server.

47

DocumentationGestiIPIPAMv3.2

3.6.2.5ExtendedsupportforOCSInventoryNG
WithenabledOCSsupporttherewillthenewbutton
behindeveryentrywithinhostlistview
bedisplayed,allowingtofetchdirectlytheinformationforthisIPfromanOCSInventoryNG.

Fig.43:HostinformationfetchedfromanOCSInventoryNG

ClicklinkupdateentrytoupdatethedefinedhostcolumnswiththeinformationfoundintheOCS
database.
ToenableOCSsupportsetparameterenableOCSsupporttoyesandclicksave.Afterenabling
OCSsupporttherewillbenewformelementtoconfiguretheparameterfortheOCSdisplayed.Edit
theparametersandclicksavetosavetheconfiguration.
ThefollowingparametersarerelatedtoOCSInventoryNGsupport:
enableOCSsupportsetthisparametertoyestoenableOCSsupport.Thisparameterisonly
relatedtothefrontendwebanddoesnotaffecttheautomaticupdateagainstOCS.

48

DocumentationGestiIPIPAMv3.2

OCSDBnamenameofOCSdatabase
OCSDBusernameofOCSdatabaseuser
OCSDBpasswordOCSdatabasepassword
OCSDBIPaddressIPaddressoftheOCSdatabaseserver
OCSDBportPortwheretheOCSdatabseislistening(default:3306)

3.6.3Manageauditdb
Auditdatabasewillgrowwithtime.Youcandeleteeventscreatedbyautomaticupdateagainst
DNS,SNMPorOCS(AUTOevents)oreventscreatedbyactionsmadeviaGestiIPsfrontend
Web(MANevents)independently(see2.6).

Fig.44:Manageauditdb

Todeleteoldauditevents:

Chooseatimefromwhichtheeventsshouldbedeleted.

Selectifeitheronlyeventsfortheactualclientortheeventsforallclientsshouldbedeleted.

Markcheckboxkeepnetworkseventsifnetworkspecificeventsshouldbekept.

Clickdeletetodeletetheauditevents.
Note
WitholderversionsofMysqlDBtotalsizemaynotbedisplayed.

49

DocumentationGestiIPIPAMv3.2

Note
Historyinformationfornetworksandhostsisextractedfromauditlog.Deletingoldauditevents
causeshistoryentriestoalsobedeleted.

3.6.4Resetdatabase
ResettingthedatabasecausesthatallnetworksandhostsoftheselectedIPversionwillbedeleted
fortheactualclient.Ifboth,IPv4andIPv6isselected,VLANswillalsobedeletedfromGestiIPs
database.

3.7Clients
GestioIPpermitstomanagedifferentclientswithindependentnetworksandVLANs.Ifthereis
morethanoneclientdefined,thereappearsanewselectboxinthemenubarindicatingtheactual
client.

Fig.45:Chooseclientselectbox

Tochangeactualclientchoosethenewclientfromclientselectboxandclickrefresh
button

Fig.46:Changeactualclientrefreshbutton

50

DocumentationGestiIPIPAMv3.2

Note
Clientoptioncanbealsousedtosubdivideacomplexnetworkinfrastructureintosections.You
maycreate"clients"like"offrange"foryourofficialnetworks,"privrange"foryourprivat
networks,...Inthecaseyouthatdiscoverainfrastructurethatissubdivideintosectionsviathe
"client"option,thenetworkdevicesmayholdofficialandprivatenetworksinit'sroutingtables.
Thatmeansthatyouneedtospecifythenetworkswhichshouldbeimportedtomakesure,thatonly
thenetworksforthis"client"willbeimported.SpecifythefirstoctetsoftheNetworkswhichshould
beimportedforthis"client"withtheoption"ProcessonlyIPv4/6networksbeginningwith"within
theimportforms("discovery"(see5.1)),"importnetworksviaSNMP"(see5.2.1)andscript
"get_networks_snmp.pl"(see5.2.2)).

3.7.1Manageclients
Manageclientsformoffersthefollowingoptions:

listclientdetails
addclients
editclients
deleteclients

Click"manage">"clients"toaccesstomanageclientsform.

3.7.1.1Addclients
Whencreatingthefirstclient,allexistingnetworks,VLANsandsiteswillbeassociatedwiththis
client.Becausesitesaremanagedclientindependentlyyouhavetoinsertatleastonesiteforevery
newclient(textfieldsites).Multiplesitesmustbeintroducedinformofacommaseparatedlist.
Note
Youcanchangesitesfrom"manage">"sitesandcategories".
Toaddthenewclientcompleteaddclientformandclick"add".Thenewclientwillnowappearin
clientselectboxinthemenu.

3.7.1.2Editclients
Click"manage">"clients"toaccesstoeditclientform.Choosetheclientyouwanttoeditand
clickeditbutton .

51

DocumentationGestiIPIPAMv3.2

Fig.47:Editclientsform

Click

"update"atthebottomoftheeditclientformtosavethechanges.

3.7.1.3Deleteclients
Todeleteaclientchoosetheclienttodeletefromdeleteclientformanclick"delete".

Fig.48:Deleteclientsform

Deletingaclientcausesthatallinformationspecifictothisclientwillbedeleted(networks,hosts,
sites,auditevents).

52

DocumentationGestiIPIPAMv3.2

3.8Sitesandcategories
Tointroduce,renameordeletesites,hostcategoriesornetworkcategories,open"manage">
"sitesandcategories"onthemenubar.

3.8.1Sites
GestioIP'ssitesareindentedtoassociateaphysicallocation(e.g.adatacenter)withinthenetworks
andhosts.
Note
Sitesfornetworkandhostareindependentlyconfigurable.Ifyouhavenetworksthataredistributed
overdifferentsites(e.g.AandB)youcancreateanadditionalsiteA_B,assignthisnewsitetothe
networkandassignsiteAorBindividuallytothehosts.
Note
Withmultipleclientsconfiguredtherewillonlythesitesoftheactualclientbedisplayed.

3.8.2Networkcategories
DuringinstallationGestiIPproposesthefollowingnetworkscategories:
ProdFornetworksoftheproductionenvironment
PreFornetworksofpreproductionenvironment
TestFornetworksoftestenvironment
DevFornetworksofdevelopmentenvironment
DevtestFornetworksofdevelopmenttestenvironment
CorpForcorporatenetworks(e.g.withPCofendusers,printers,...)
otherForallothernetworks

3.8.3Hostcategories
GestiIPcomeswiththefollowinghostcategories:
L2device

devicesthatworkinlayer2(e.g.hubsorswitches)

L3device

devicesthatworkinlayer3(e.g.multilayerswitchesorrouter)

53

DocumentationGestiIPIPAMv3.2

FW

firewalls

DB

fordatabaseservers

server

anykindofserver

workstation workstations
wifi

wirelessdevices

VoIP

VoIPphones

printer

printers

other

allothertypesofdevices

Note
Selfdefinedhostcategoriesappearinnetworkoverviewwiththe"other"symbol.
Note
Defaulthostcategoriescan'tbedeletednorrenamed.

3.9Customcolumns
GestiIPoffersthepossibilitytodefinecustomcolumnstobeshowninnetworklistview(network
columns)orinhostlistview(hostcolumns)makingitadaptabletoorganizationspecificneeds.

Fig.49:NetworklistviewwithpredefinedhostcolumnsupdatedbySNMPdiscovery

Click"manage">"customcolumns"todefinenewortodeletecolumnsfornetworksandhosts.
GestiIPfeaturestwotypesofcustomcolumns:Predefinedandselfdefinedcolumns.Predefined
hostcolumnswillbeupdatedbySNMPdiscoverymechanisms,selfdefinedcolumnsnot.
54

DocumentationGestiIPIPAMv3.2

3.9.1Predefinedcustomhostcolumns
PredefinedcustomhostcolumnswillbeprocessedbySNMPbaseddiscoverymechanisms.Forthis
reasonit'spreferabletousepredefinedcolumnsifavailableinsteadofselfdefinedcolumns.
GestiIPoffersthefollowingpredefinedhostcolumns:
vendormanufacturer(willbedisplayedwithanicon).GestiIPdistinguishesactuallybetween
morethan140manufactures(vendors)whichwillautomaticallyberecognizedbySNMPdiscovery
functions(seeAppendixAforacompletelistofthemanufacturers)
modelmodel
contactcontact(OIDsystem.sysContact)
serialserialnumber
MACMACaddress
OSoperatingsystem(willbedisplayedwithanicon).GestiIPdistinguishesactuallybetween22
operatingsystemswhichwillautomaticallyberecognizedbySNMPdiscoverfunctions(see
AppendixAforacompletelistoftheoperatingsystems)
device_descrdescription(OIDsystem.sysDescr.)
device_namehostname(OIDsystem.sysName)
device_loclocation(OIDsystem.sysLocation)
URLexternallink(willbedisplayedwithanicon).Thiscolumnallowstoconfigurelinksto
externalwebpagesaswellastoopenremotesessionsagainstthehost(e.g.ssh,telnet,rdesktop
(rdp),vnc,).Specifythelinkinthefollowingformat:SERVICE::URL[,SERVICE1::URL1]
Example:
WiththefollowingURLentry
mrtg::http://mrtg_server/mrtg/server_192.168.7.1.rrd,ssh::ssh//192.168.7.1,VNC::vnc://192.168.7.
1
URLcolumnwilldisplayedasshowninFig.50

Fig.50:CustomhostcolumnURL

CustomcolumnURLallowstousevariables(actuallytwovariables).Thisisusefulin
conjunctionwithmassupdatefeature(see3.2.2.8)whichgivesthepossibilitytoeditmultiple
networksatonce.
Variable

Replacedby
55

DocumentationGestiIPIPAMv3.2

[[IP]]

IPaddressofthehost

[[HOSTNAME]]

hostnameentryofthehost

Example:
Entry:192.168.0.10jupiterdescriptionLondI
Entrywithvariable

Displayedentry

telnet::telnet://[[IP]]

telnet::telnet://192.168.0.10

telnet::telnet://[[HOSTNAME]]

telnet::telnet://jupiter

telnet::telnet://[[HOSTNAME]].domain.org

telnet::telnet://jupiter.domain.org

mrtg::http://mrtg_server/mrtg/server_[[IP]].rrd

mrtg::http://mrtg_server/mrtg/server_192.168.0.10.rrd

Note
Notallbrowsersupporttheformatservice://...forallservices.
NoteforFirefoxusers
IfyougettheerrormessagelikeFirefoxdoesn'tknowhowtoopenthisaddress,becausethe
protocol(rdp)isn'tassociatedwithanyprogramopenanewFirefoxwindow,typeabout:config
intotheURLfield,clickrightmousebuttonaddnewBoolean,insertthevalue
network.protocolhandler.expose.rdpfalse.
Whenclickingnexttimeoverthelink,Firefoxwillaskwithwhichapplicationitshouldopenthe
link.
Rackidentificatoroftherackwherethedeviceismountedphysically
RUrackunitwherethedeviceismountedphysically
switchnetworknodewherethedeviceisconnectedto.Thiscolumnsmightbeprocessedina
futurversionofGestiIPbynetworkdiscovery
portportofthenetworknodewherethedeviceisconnectedto.Thiscolumnsmightbeprocessed
inafuturversionofGestiIPbynetworkdiscovery
linkedIPAllowstoassociateanIPwithoneIPoralistofotherIPaddresses(forexampleto
associateaninternalIPwithit'sVIPaddress).ConfiguringalinkedIPforanIPwillautomatically
createalinkedIPentryfortheassociatedIP,too.
Note
Predefinedaswellasselfdefinedcustomcolumnswillbeprocessedbynetworkandhostquick
search.
Note
Predefinednetworkcolumn"VLAN"andpredefinedhostcolumnsMAC,Rack,switchand
56

DocumentationGestiIPIPAMv3.2

portwillnotbeupdatedbySNMPbaseddiscovery.
Note
Ifyouhavemultipleclientsdefinedthereappearsaradiobuttonwhichletyouchoosetoeitheradd
columnsforalloronlyfortheactualclient.

3.9.2Predefinedcustomnetworkcolumns
GestiIPdisposesaboutthefollowingpredefinedcustomnetworkcolumns:
VLANVLANcolumnisaimedtoassociateVLANswithnetworkstobeshowninnetworklist
view.
FavTomarknetworksasfavoritenetworks.ActivatingtheFavcolumnwilladdthefavorite
button( )tonetworklistviewtoeasilylistthefavoritenetworks.
VRFToindicatetheVRFnamefornetworkswithinVRFs.

3.9.3Addcolumns
Withaddcolumnsfunctionyoucandefinenewcolumnstobeshowninnetworkorhostlistview.

Fig.51:Addhostcolumnsform

Chooseifthecolumnshouldeitherbeshownforalloronlyforactualclientandclickadd.

3.9.4Deletecolumns
Choosethecolumnwhichshouldbedeletedandclickdelete.

57

DocumentationGestiIPIPAMv3.2

Fig.52:Deletecolumnsform

Note
Thedeletecolumnformwillonlybedisplayediftherearecustomcolumnsdefined.
Note
DeletingacolumncausesthatallentriesofthiscolumnwillbedeletedfromGestiIP'sdatabase.

58

DocumentationGestiIPIPAMv3.2

4Statistics
GestiIP'sstatisticspageshowsthenumberofmanagednetworks,hostsandVLAN.Itgivesan
overviewofhowmanynetworksandhostsareinthedifferentenvironments(networkcategories)
andinthedifferentsites,aswellasofthemanufacturersofthedevices.Itoffersthepossibilityto
showtheoccupationofthenetworksandnetworkrangesanditallowstolistthenetworkswhich
onlycontainhostwithstatusdown.
Toaccessthestatisticspagegoto"manage">"statistics".

4.1Generaloverview

Fig.53:Statisticspage

Note
Withmultipleclientsconfigured,onlyclientspecificstatisticswillbedisplayedhere.Toseethe
totalnumberofmanagedclients,networksandhostgotohelp>about.

4.2Network/rangeoccupation
Inaddition,thestatisticspageoffersthepossibilitytoshowanoverviewofnetorrangeoccupation.
59

DocumentationGestiIPIPAMv3.2

Thismaybeusefultodetectpoorlyutilizedaddressranges.Youcanfilterthenetworksthatshould
appearinthereportbyIP(orpartsofIP),description,site,categoryandcomment.

Fig.54:Networkandrangeoccupationform

4.3Miscellaneous
Thisoptionallowtolistnetworksonlycontaininghostswithstatusdownornetworksonly
containinghostwithstatusdownorstatusneverchecked.

Fig.55:Shownetworkswithstatusdown

Note
Thereasonbecauseallhostsofanetworkappearasdownmaybethemissingoffirewallrules.

60

DocumentationGestiIPIPAMv3.2

5Databaseinitialization
GestiIPoffersseveralmechanismstoimportdataintoitsdatabase.
networks/hosts/VLANsviaSNMPquery
hostsviaDNSqueries

networks/hostsfromspreadsheets

5.1Discovery
TheDiscoveryisintendedtoinitializeGestiIP'sdatabaseafteranewinstallation.Itexploresthe
networkinfrastructureusingSNMPandDNSandaddsfoundVLANs,networksandhoststo
GestiIP'sdatabase.
Itexecutesthefollowingprocesses:

VLANdiscoveryviaSNMPusingPerlModuleSNMP::Info
NetworkdiscoveryviaSNMPqueryingroutingtablesfromnetworkdevices
HostdiscoveryofnewfoundnetworksviaSNMPusingSNMP::Infoandowndiscovery
mechanisms
HostdiscoveryofnewfoundnetworksviaDNS

Thediscoveryprocessneedsabout45sforoneclassCnetworkswith254addresses,dependingon
thevalueofmaxprocs(numberofparalleldiscoveryprocesses)andtheCPU/memoryofthe
server.NotethatdiscoveryforoneclassBnetworkwithabitmaskof/16(65.534addresses)may
takehoursbecausediscoveryprocessesthenetworkportionwiseeachwith128parallelprocesses
(dependingoftheglobalconfigurationparametermaxprocs).
Clickimport/exportDiscoverytoaccessdiscoveryform.
Note
Discoveryprocesswilloptionallyprocessnetworksfoundbylastrunofimportnetworksfrom
spreadsheets.Soimportyournetworkspreadsheetsbeforeyouexecutethediscoveryprocess.
Note
Discoveryprocesswillupdatepredefinedcolumns,too.Soconfigurepredefinedcolumnsfirst
beforeexecutingthediscoveryprocess.

61

DocumentationGestiIPIPAMv3.2

Fig.56:"Discovery"form

NetworkdevicesOneoralistofIPaddressesofdevicesholdingroutingand/orVLAN
information.Thesearetypicallynetworkdeviceslikeroutersormultilayerswitches.
ImportnetworksIPversionTochooseforwithIPversionthediscoveryshouldbeexecuted
(thisoptionisonlyavailablewhenglobalconfigurationparameterIPv4onlyissettono)
ImportrouteslearnedfromTodefinefromwhichroutingprotocolsthelearnednetworks
shouldbeimported.
SNMPversionTochoosetheSNMPversionwhichshouldbeusedfordiscovery
SNMPv1andSNMPv3:
communitySNMPcommunitystring
SNMPv3
SelectingSNMPversionv3thereappearSNMPv3specificoptions.
62

DocumentationGestiIPIPAMv3.2

Fig.57:SNMPv3form

usernameSNMPv3username
SecurityLevelSNMPv3securitylevel
AuthalgorithmAuthenticationalgorithm(onlyauthNoPrivandauthPriv)
AuthpasswordAuthenticationpassword(onlyauthNoPrivandauthPriv)
PrivacyalgorithPrivacyalgorithm(onlyauthPriv)
PrivacypasswordPrivacypassword(onlyauthPriv)
ProcessonlyIPv4networksbeginningwithIfyoudevideacomplexnetworkinfrastructureinto
smallersectionviatheclientoption(see3.7)youcanspecifyherethefirstoctetsofthenetworks
whichshouldbeimportedandprocessedduringthediscoveryprocess.Toimportonlynetworks
startingwith192.168introduce192.168.Thefieldacceptsacomaseparatedlistofnetworks(e.g.
10,172.16,192.168)
ProcessonlyIPv6networksbeginningwithLikeProcessonlyIPv4networksbeginningwith
butforIPv6networks.Example:2001::ab,2002::
maximalnumberofparalleldiscoveryprocessesNumberofchildprocesseslancedby
discovery.AugmentofthisvaluewillspeedupdiscoveryprocessbutincreaseCPUloadand
memoryusage.
Includenetworkswhichwereaddedbylastrunofimportnetworksfromspreadsheetwithin
discoverymarkthischeckboxifyouwantthatdiscoveryprocessesthenetworkswhichwere
importedbylastrunofimportnetworksfromspreadsheet,too.
DiscovernewfoundnetworksonlyIfthischeckboxischecked,onlynewfoundnetworkswill
beprocessed.Ifyouuncheckit,allfoundnetworkwillbeprocessed.
addcommenttofoundnetworksmarkthischeckboxifdiscoveryshouldaddautomatically
commentlikeStaticroutefrom192.168.239.
Clickdiscovertolancediscoveryprocess.

63

DocumentationGestiIPIPAMv3.2

Itappearsanewpageofferingtheoptionstoconsultthestatusofthediscoveryprocessorto
interruptthediscoveryprocess.

Fig.58:"Discoverystartedform

Clickingconsultdiscoverystatusopensanewwindowshowingtheactualstatusofdiscovery
process(Fig.59).Thestatuspagerefreshesautomaticallyevery10sduringdiscovery.
Clickstopdiscoverytointerruptthediscoveryprocess.Itmaytakeupto15stostopalldiscovery
childprocesses.

Fig.59:Discoverystatuswindow

Clicklinklogfiletodisplaydetailedloginformationofthediscoveryprocess.TypeCTRRto
refreshlogfilewindow.Thelogfilewillbedeletedwhendiscoveryprocessisexecutedagain.
Note
IfyouuseaSNMPcommunityotherthanthedefaultpublic,SNMPbasedpartsofthediscovery
64

DocumentationGestiIPIPAMv3.2

processwilltrytoquerythedeviceswithcommunitystringpublic,too.Thatmakessurethat
deviceswiththecustomcommunitypublicconfigured,nottobeignored(e.g.it'sacommon
errortoforgettosetcommunityforprintersortoconfigureacustomcommunityforadevicebut
notdisablethecommunitypublic).Executeasearchforpublicthroughtheauditlogto
identifydeviceswithdefaultcommunitystringsconfigured.
Note
Youcanalsoconsulttheauditlogtoseethedetailsofthediscoveryprocess.

5.2ImportnetworksviaSNMP
The"importnetworksviaSNMP"functionqueriesroutingtablesfromSNMPenableddevicesand
addsthefoundnetworkstothedatabase.LetitrunagainstyourlayerIIIdevices(e.g.routersor
multilayerswitches).

5.2.1ManualimportviaSNMP
ToimportnetworksviaSNMPclickimport/export"importnetworksviaSNMP".

Fig.60:"importviaSNMP"form

See5.1foradescriptionoftheoptions

65

DocumentationGestiIPIPAMv3.2

Ifthefoundnetworksshouldbeincludedwithinautomaticupdate,mark"includenetworkswithin
theautomaticupdatecheckbox.
Note
Ifyouquerydeviceswithenableddynamicroutingprotocols(e.g.BGP),aquerymaytakequitea
longtimeandcancausea"webservertimeout"error(becausetheroutingtablescanbevery
large).Inthiscase,usescript"get_networks_snmp.pl"fromthedirectory/usr/share/gestioip/bin.
Note
NetworkimportviaSNMPwillalthoughbeexecutedduringdiscoveryprocess(see5.1)

5.2.2ScriptbasednetworkimportviaSNMP
GestiIPcomeswiththescript"/usr/share/gestioip/bin/get_networks_snmp.pl"toimportnetworks
viaSNMP.Thescriptacceptssingledevicesoralistofdevicestoqueryandcanbeexecuted
manuallyorbycron.
Itreadsmostparameterfromconfigurationfile/usr/share/gestioip/etc/ip_update_gestioip.conf.
However,youhavetoconfiguresomeparameterdirectlyinthescript.Todosoopenthescriptwith
yourfavoriteeditorandconfiguretheparameterinthesectionbetween
#########################################
###changefromhere...#################
#########################################
.....
#########################################
####...tohere#########################
#########################################
get_networks_snmp.plreadsitstargetnodesfromafilecalledsnmp_targets.Thisfileislocatedin
thedirectory/usr/share/gestioip/etc/.Openthefileandenterthenodesthatshouldbequeried(one
hostperline).
ThescriptdependsonthefollowingPerlmodules:
SNMP,Net::IP,DBI
IfyouexecutethescriptfromaserverotherthanthatwhichcomeswiththeinstallationofGestiIP,
66

DocumentationGestiIPIPAMv3.2

youmaygetanerrormessagesuchas"Can'tlocateSNMP.pmin@INC"
ThismeansthattherearePerlmodulesmissing.See9.5.1forinstructionshowtoinstallthem.

5.3Importfromspreadsheet
GestiIPpossessesflexiblemechanismstoimportnetworksorhostsfromspreadsheets.
Spreadsheetsmusthave.xlsextension(MSExcel).IfyouuseOpenOfficeusethe"SaveAs..."
optiontosavethespreadsheetin.xlsformat.

5.3.1Importnetworksfromspreadsheets
Goto"import/export">mark"networks"radiobuttonanduploadthespreadsheetwiththe
networkstoimport.
Yourspreadsheetmayconsistsofdifferentsheets.InstepIIyouhavethepossibilitytoimportall
sheets,onesheetbyitsnameormultiplesheetsbynumbers.

Fig.61:"Importfromspreadsheet"form

Toimportallsheetsmark"allsheets".Toimportonesheetmarktheradiobutton"sheetname"and
introducethesheetname(e.g."server")(seeFig.62).Toimportmultiplesheetsmarkthe"sheets"
radiobuttonandintroducethenumbersofthesheetstoimport.Theformacceptsasinglenumber,a
commaseparatedlistorarangeofsheets(e.g.24toimportsheets"LANI,LANIIandSheet4"in
theexamplebelow).

67

DocumentationGestiIPIPAMv3.2

Fig.62:Sheetnumbers

Next,indicatewhatinformationisineachcolumn:Associatethelettersofthecolumnswiththe
correspondingcontent.
Thelettersofthecolumnsarefoundatthetopofeachcolumnofyourspreadsheet(seeError:
Referencesourcenotfound).
networksColumnwithnetworks.Exampleofformatsupportedentries:192.168.0.0entriesthat
dontmatchtheformatwillbeignored.
netmask/bitmaskColumnwithnetmaskorbitmask(columnswithmixednetmaskandbitmask
arealsosupported).Exampleofformatsupportedentries:24,255.255.255.0entriesthatdont
matchtheformatwillbeignored.
networksandnetmask/bitmaskinonecolumnColumnwithbothnetworkandnet/bitmask.If
yourspreadsheetcontainsonecolumnwithbothnetworksandnet/bitmasks,leavenetworksand
netmask/bitmaskblank.
Examplesofsupportedformats:
1.1.1.0/24,1.1.1.0/255.255.255.255,1.1.1.024,1.1.1.0255.255.255.0,1.1.1.0xyz24
Networkentriesthatdontmatchthesupportedformatswillbeignored.
descriptionColumnwithnetworkdescriptionsoptional.
siteColumnwithsites.Thesitesofthenetworkstoimportmustbeidenticaltothesitesin
GestiIP'sdatabase.Ifthesitedoesn'texistinthedatabaseitwillbeignoredcasesensitive
optional.
categoryColumnwithcategories.ThecategorymustbeidenticaltothecategoriesinGestiIP's
database.Ifthecategorydoesn'texistitwillbeignoredcasesensitiveoptional.
commentColumnwithcommentsoptional.
Mark"includenetworkswithinautomaticupdate"ifthenetworkshouldbeprocessedbyautomatic
update.

68

DocumentationGestiIPIPAMv3.2

Fig.63:Spreadsheettoimport

Note
Oldscriptimport_from_excel.plisobsoleteandnotlongerincludedwithinGestiIP.

5.3.2Importhostsfromspreadsheet
ToimporthostsfromspreadsheetsintoGestioIP'sdatabaseclickimport>markhostsradio
buttonanduploadthespreadsheetcontaininghostentriestoimport.
Note
Thenetworkscontainingthehoststoimportmustexist;soimportorintroducenetworksfirst.
Ifimportfunctiondoesn'tfindanadequatenetworkforthehostentries,theywillbeignored.
Indicateifyouwanttoimportallsheets,onesheetbyitsnameormultiplesheets(see.5.3.1).
IndicatetheformatoftheIPaddressesinthespreadsheet:

69

DocumentationGestiIPIPAMv3.2

Fig.64:IndicateIPaddressformat

IfyourspreadsheetcontainsIPaddressesinstandardformat(e.g.82.98.146.69)selectstandard
radiobutton.IfyourspreadsheetcontainsonlythelastoctetoftheIPaddress,markonlylast
octetandspecifythefieldcontainingthenetworkaddress(e.g.A1).Networksmusthaveoneof
thefollowingformats:
NetworkID/netmask(192.168.9.0/255.255.255.0)
NetworkID/bitmask(192.168.9.0/24)
Leadingorfollowingstringswillbeignored(e.g.theentryNetwork192.168.9.0/24XXXwill
alsobeaccepted)(seeFig.65).

Fig.65:SpreadsheetcontaininglastoctetofIPaddressestoimport

Next,associatethelettersofthecolumnswiththecorrespondingcontent(see5.3.1)andclick
import.

70

DocumentationGestiIPIPAMv3.2

Fig.66:ImportspreadsheetcontaininglastoctetofIPaddresses

5.3.3ImportVLANsfromspreadsheet
ToimportVLANsfromspreadsheetsintoGestioIP'sdatabaseclickimport>markVLANs
radiobuttonanduploadthespreadsheetcontainingVLANstoimport.Choosethesheetsthatshould
beimported,associatelettersandcolumnsandclickimport.

71

DocumentationGestiIPIPAMv3.2

6Accesscontrol
Becauseofhistoricalreasons,authenticationandauthorizationishandleddifferent.
Theauthentication(identificationofusers)iscarriedoutthroughmod_authoftheApacheweb
server.ItnotmadebyGestiIPsoftwareitself.Theauthorization(grantingpermissions)ismadeby
GestiIP.ThismeansthattheauthenticationisconfiguredintheApacheconfigurationfileandthe
authorizationisconfiguredwiththeGestiIPwebinterface.

6.1Authentication
GestiIP'sauthenticationprocessiscarriedoutthroughApache'smod_auth.Thedefaultinstallation
workswithHTTPBasicAuthentication.Butyoucanuseanykindofauthenticationwhichis
supportedbytheApachewebserver(e.g.user/groups,LDAP,MSActiveDirectory,
certificates,...).YoucanfindsampleApacheconfigurationswithauthenticationagainstaLDAP
directory,againstKERBEROS5andagainstaMicrosoftActiveDirectoryinthedocumentation
pageofhttp://www.gestioip.net.

6.1.1Defaultauthentication
Duringthesetup,theadministratorcreatesmanuallythedefaultuser"gipadmin(usingthe
commandhtpasswd).Thatmeansthatthereisnodefaultpassword.Theuserisauthenticated
withthepasswordwhichwerecreatedduringsetup.Thedefaultuserhasaccesstoallfunctionsof
GestiIP.
Note
Toenhancesecurityitisrecommendedtoconfigureauthenticationwithindividualaccounts.This
hastheadvantagethatMANauditeventscanbeassociatedwithaspecificuser.

6.1.1.1Createnewaccounts
TocreatenewaccountstousewithHTTPBasicAuthenticationyouneedtoaddauserwiththe
commandhtpasswdandconfigurenew"Requireuser"directivesinApache'sconfigurationfile
gestioip.conf.
Usersarestoredinthepasswordfileusersgestioipwhichyoufindintheconfigurationdirectory
oftheApacheWebserver(e.g./etc/apacheor/etc/httpd,dependingtheLinuxdistribution).To
createanewaccountchangetoApache'sconfigurationdirectoryandexecutethefollowing
commandfromashell:
72

DocumentationGestiIPIPAMv3.2
$sudohtpasswd./usersgestioipnewaccount

GestiIP'sApacheconfigurationgestioip.confisstoredinApache'sincludedirectory(e.g.
/etc/apache/conf.d,/etc/httpd/conf.d,/etc/apache/sitesenableddependingoftheLinux
distribution).
Tohabilitatethenewaccountyouneedtoadda"RequireUser"directivesforthedirectories
DocumentRoot/gestioip(ro/rwuser)andDocumentRoot/gestioip/res(rwuser)toApache's
gestioip.conf.
Forarwuseropengestioip.confwithyourfavoriteeditorandsearchthelines
Requireusergipadmin

Copyandinsertthelineandreplace"gipadmin"withthenewaccount(newaccount).Closeand
savegestioip.conf.
TotakechangesaffectyouneedtoreloadtheApacheWebserver.
Note
gestioip.confcontainsoneRequireUserdirectiveforarouserandtwodirectivesforarw
user.

6.1.1.2Changeuserspassword
TochangeauserpasswordgotoApache'sconfigurationdirectoryandexecutethefollowing
commandfromashell:
$sudohtpasswd./usersgestioipaccount

6.1.1.3Deleteaccounts
TodeleteaGestiIPaccount,authenticatedbyHTTPbasicauthentication,youneedtodeleteit
fromthepasswordfileusersgestioip(e.g.in/etc/apache/or/etc/httpd/)andfromGestiIP'sApache
configurationgestioip.conf(e.g.in/etc/apache/conf.dor/etc/httpd/conf.d).
TodeleteaaccountfromthepasswordfilechangetoApache'sconfigurationdirectoryandexecute
thefollowingcommandfromashell:
$sudohtpasswdD./usersgestioipaccount

TodeleteanaccountformGestiIP'sApacheconfigurationopengestioip.confwithyourfavorite
73

DocumentationGestiIPIPAMv3.2

editoranddeletethedirectivesRequireuseraccount
ReloadtheApacheWebservertotakechangesaffect.

6.2Authorization
TheauthorizationforthedifferentfunctionsofGestiIPismadebytheGestiIPsoftware.Itis
disabledbydefault.
ThepermissionstoaccessthedifferentfeaturesofGestiIParedefinedfortheUserGroups.To
assignpermissionstoaUsermakeitmemberofanadequateUserGroup.
Toenabletheauthorizationfeatureyouneedtoexecutethefollowingsteps:

Activatetheauthorizationfeature.

Adaptthedefaultusergroupstoyourequirementsorcreateusergroups.

Createusersandassigntheadequateusergrouptotheuser.

Note:
IfyouusetheauthorizationfeatureitisrecommendedtouseindividualaccountsforeveryGestiIP
user.

6.2.1Activation
ToactivatetheauthenticationgotomanagemanageGestiIP,settheparameterUser
managementtoyesandclicksave.Thiswillcreateanentryfortheactualuserintheuser
databaseandmakeitmemberofthegroupGestiIPAdmin,whichhasallpermissions,including
thepermissiontocreatenewusersandusergroups.
ActivatingtheauthorizationfeaturealsocreatesthetwonewmenuitemsUsersandUser
Groupsundermanageitem(afteractivatingauthorizationclickoveranylinktomakethenew
menuitemsappear).

74

DocumentationGestiIPIPAMv3.2

Fig.67:MenuitemsUsersandUserGroups

6.2.2Users
WithactivatedauthorizationfeatureyouneedtodefineGestiIPusersforalluserswhichshould
accesstoGestiIP.TheGestiIPusersmustbethesameuserwhichareusedforauthentication(see
6.1).
Accesstomanage>Userstocreate,updateordeleteGestiIPusers.

Fig.68:Userlistview

6.2.2.1CreateUsers
ClickaddUsertocreatenewUsers.

75

DocumentationGestiIPIPAMv3.2

Fig.69:AddUserform

name:Username.Usernamesmustbethesamenamesastheusernameswhichareusedtoaccessto
GestiIP's.(mandatory)
UserGroup:Theusergroupdeterminethepermissionsoftheuser.(mandatory)
email:emailaddressoftheuser1@domain.org.(optional)
phone:phonenumber.(optional)
comment:Anoptionalcomment.
ClickaddtocreatethenewUser.

6.2.2.2EditUsers
Clickoverthe

symboltoaccesstheeditUserform.

6.2.2.3DeleteUsers
Clickoverthe

symboltodeleteusers.

Note:
TheactualUsercannotbedeleted.

6.2.3UserGroups
UserGroupsareusedtodeterminetheUserpermissions.Accesstomanage>UsersGroupsto
create,updateordeleteGestiIPUserGroups.

76

DocumentationGestiIPIPAMv3.2

Fig.70:UserGrouplistview

GestiIPcomeswiththreedefaultUserGroups:

GestiIPAdmin:Groupwithallpermissions
Admin:Groupwithallpermissionexceptthepermissionstomanageusersandtochange
theGestiIPconfigurations
Readonly:Groupwithpermissionstoshow,butnottoeditnetworks,host,VLANs,ASand
leasedlines.

6.2.3.1Permissions
Theauthorizationsystemoffersthefollowingpermission:
GlobalPermissions

ManageGestiIPpermissionspermissiontodisplayandchangeallfunctionunder
manage>manageGestIP

Manageuserpermissionspermissionstocreate,read,updateanddeleteUsersandUser
Groups

Managesitesandcategoriespermissionstocreate,read,updateanddeletesitesand
categories

Managecustomcolumnspermissionstocreate,updateanddeletecustomhostand
networkcolumns

Readauditpermissionstoaccessauditlog

clientstoselectifthenonglobalpermissionsshouldbeavailableforalloronlyfora
specificclient
Clientspecificpermissions(nonglobalpermissions)
Networks

createnetworkspermissiontocreatenetworks

readnetworkinformationpermissiontolistnetworks

updatenetworkinformationpermissiontoupdatenetworks

deletenetworkspermissiontodeletenetworks
77

DocumentationGestiIPIPAMv3.2

Hosts

createhostspermissionstocreatehost
readhostinformationpermissiontolisthostentries
updatehostinformationpermissionsupdatehosts
deletehostspermissiontodeletehosts

VLANs

createVLANspermissionstocreateVLANs

readVLANinformationpermissionstolistVLANs

updateVLANinformationpermissionstoupdateVLANs

deleteVLANspermissionstodeleteVLANs
ConfigurationManagement(CM)

Showbackupeddeviceconfigurationspermissionstoshowthestoredconfigurationsof
thenetworkdevices

Uploaddeviceconfigurationspermissionstouploadconfigurationsorfilestodevices
whichareundercontroloftheCMmodule

AdministrateCMpermissionstochangetheCMconfigurationfordevices
AutonomousSystems

createASpermissionstocreateASs

readASinformationpermissiontolistASs

updateASinformationpermissionstoupdateASs

deleteASpermissionstodeleteASs
LeasedLines(LLs)

createLeasedLinespermissionstocreateLLs

readLeasedLineinformationpermissionstolistLLs

updateLeasedLineinformationpermissionstoupdateLLs

deleteLeasedLinespermissiontodeleteLLs

78

DocumentationGestiIPIPAMv3.2

6.2.3.2CreateUserGroups
ClickaddUserGrouptocreatenewUsersGroups.

Fig.71:AddUserGroupform

nameUserGroupname(mandatory)
descriptionanoptionaldescriptions
AssignthedesiredpermissiontotheUserGroupbyselectingtheadequatepermissioncheckboxes.

6.2.3.3EditUserGroups
Clickoverthe

symboltoaccesstheeditUserform.

6.2.3.4DeleteUserGroups
Clickoverthe

symboltodeleteusers.

Note:
TheactualUserGroupcannotbedeleted.

79

DocumentationGestiIPIPAMv3.2

6.2.4UsergipoperofGestiIPversions<3.2
Theauthorizationsystemwhichwasimplementedinrelease3.2eliminatestheneedoftheoldro
usergipoper.ThataffectstheApacheconfiguration.Astheauthorizationisnowmadebythe
GestiIPsoftware,thereisnotlongertheneedofthedirectivesforthedirectory
[DocumentRoot]/gestioip/res.Itisrecommendedtodeletetheconfigurationpartfortheres
directoryfromtheApacheconfigurationfileforGestiIP(gestioip.conf):
<Directory"/var/www/gestioip/res">
AddHandlercgiscript.cgi
AddDefaultCharsetutf8
AllowOverrideNone
Options+ExecCGI
AuthTypeBasic
AuthNameGestioIP
AuthUserFile/etc/apache2/usersgestioip
Requireusergipadmin
ErrorDocument401/gestioip/errors/error401.html
ErrorDocument403/gestioip/errors/error403.html
ErrorDocument404/gestioip/errors/error404.html
ErrorDocument500/gestioip/errors/error500.html
</Directory>

RestarttheApachewebservertotakethechangeaffect.

80

DocumentationGestiIPIPAMv3.2

7Advancedfunctions
7.1Updatecheck
GestiIPdisposesaboutamechanismtocheckiftherearesoftwareupdatesavailable.Clickover
helpcheckforupdatestoexecutetheupdatecheck.
Inthecasethatthereareupdatesavailable,theupdatecheckshowsalinktodownloadthelast
actualizationtarball,aswellasalinktothechangelogandanexplicationhowtoapplytheupdate.

Fig.72:Onlineupdatecheck

81

DocumentationGestiIPIPAMv3.2

7.2Databaseconfiguration(ip_config)
ThedatabaseconfigurationofGestiIPisstoredin/DocumentRoot/priv/ip_config
Becausethedatabasepasswordisstoredincleartext,theApachewebservermustbecorrectly
configuredandthepermissionsoftheconfigurationfile(500)mustbecorrectlyset.Tocheck
whethertheApache2webserveriscorrectlyconfigured,youcantrytoaccesstheconfigurationof
GestiIPwithabrowser.OpenthefollowingURLwithabrowser:
http://servername/gestioip/priv/ip_config
Youshouldreceivean"accessdenied"message.Incaseitispossibletoaccessthefileip_config,
checkfilepermissionsofip_configandreviewtheconfigurationofApache2.
Configurationparameterdescription:
parameter

description

bbdd_host

HostwheretheGestiIPMysqldatabaseruns

bbdd_port

Portonwhichthedatabaselistens

sid_gestioip

SIDoftheGestiIPdatabase

user_gestioip

GestiIPdatabaseuser

pass_gestioip

GestiIPdatabaseuserpassword

7.3Exportnetworks,VLANsorhoststoCSV
GestiIPincludesthepossibilitytoexportnetworksaswellashosttoCSVfiles(commaseparated
list)whichyoucanimporteasilye.g.intoLibreOfficeorMSExcel.
Clickimport/exportexportnetworksorhoststoCSVtoaccesstheexportform.

82

DocumentationGestiIPIPAMv3.2

Fig.73:Network,VLANorhostexportform

Thereiseithertheoptiontoexportallnetworks/VLANs/hostsortoexportnetworks,VLANsor
hostswithmatchaspecificstring.ThestringcouldbeanIPaddress(orapartofanIPaddress),a
partofthedescription,site,categoryorcomment.
HostexportoffersfurthermoretheoptiontoexportallIPaddressesofadedicatednetworkby
introducingthenetworkID(e.g.172.16.4.0)intothetextboxfromnetwork.
Clickexporttoexecuteexportfunction.Afterasuccessfulexportalinktodownloadtheexported
dataisshown.

Fig.74:Linktodownloadtheexporteddata

83

DocumentationGestiIPIPAMv3.2

WhenimportingthedataintoaspreadsheetapplicationchooseUTF8likecharactersetand,
(coma)likeseparator.

7.4Addanewlanguage
CurrentlyGestiIPsupportsthefollowinglanguages:Catalan,Spanish,Italian,Germanand
English.GestiIPpossessesasystemthatmakesiteasytoaddnewlanguages.Toaddanew
languageyouneedtotranslateonofthefilescontainingthelanguagevariables.:
Totranslatethelanguagefilemakeacopyofoneoftheexistinglanguagefiles(e.g.
/DocumentRoot/vars/vars_en)andnameitvars_xy(replacethexywiththeabbreviationofthenew
languageforFrench"vars_fr",forDanish"vars_dk".Theabbreviationmustcontaintwoorthree
characters).Thefilecontainsvariablessuchas:
name_of_the_variable=valueofthevariable
examplefile/DocumentRoot/vars/vars_en
mostrar_redes_message=shownetworks
mostrar_red_message=shownetwork
busqueda_detallada_message=advancedsearch
crear_red_message=createnewnetwork
Translatethetextstartingattherightofthe"="
SpecialcharactersmustbeintroducedencodedinHTML(>&uacute;)
And...
Sendthenewlanguagefiletocontact@gestioip.net.Itwouldbeapleasuretoinclude
supportforyourlanguagewithinthenextactualizationofGestiIP!

84

DocumentationGestiIPIPAMv3.2

8IPv6Addressplan
GestiIPofferstoolswhichcanhelptobuildtoyourorganizationadaptedIPv6addressplanes.
ItsupportstwodifferentmethodstocreateIPv6addressplans:TranslationoftheexistingIPv4
subnetschemetoIPv6onthebaseofanIPv6addressblockortocreateanhierarchicalIPv6
addressplanonthebaseofsitesandcategories.

8.1Directtranslation
Withthismethodyoucantranslatethewholeorarecognizable,uniquepartoftheIPv4address
rangestoIPv6.ItbasesonanspecifiedIPv6addressblock.TheoctetsoftheIPv4addressesare
translatedonebyonetoanhexadecimalvalue.ThecorrespondingIPv6networksarecreatedfrom
thegivenIPv6addressrangeplusthetohexadecimalconvertedvaluesoftheindividualoctetsof
theIPv4address.
Example
IPv6addressblocktobuildtheplanfrom:2001:bd8::
IPv4addressrangeusedbyorganization:192.168.0.0192.168.255.255
Examplenetwork:192.168.190.32/27
Octett

Decimal hexadecimal

oct1

192

C0

oct2

168

A8

oct3

190

BE

oct4

32

20

IfitispossibletotraduceallIPv4networksoronlyapartofthemtoIPv6dependsintheprefix
lengthofthespecifiedIPv6addressblock.PrefixLength>32donotofferenoughbitstomapthe
wholeIPv4addressspace.IfyouuseanIPv6addressblockswithaprefixlength>32youmust
curtailtheIPv4addressrangeyouwanttotranslate.TableaboveshowsthetranslatedIPv6address
fordifferentcombinationsofPrefixLength,IPv4octetsandtheIPv4bitmasks(IPv6addressblock
2001:bd8::andIPv4network192.168.190.32/27).

85

DocumentationGestiIPIPAMv3.2

Prefixlegth RequieredIPv4
octets

Translationonlyfor
networkswithIPv4
Bitmask

translatedIPv6address

<=32

all

2001:db8:C0A8:BE20::

3340

oct1

all

2001:db8:A8BE:2000::

4148

oct1+oct2

1724

N/A(networkBitmaskis27)

oct1+oct3+oct4 2532

2001:db8:0:2000::

8.1.1Createtheaddressplan
TotranslateyourexistingIPv4networkstoIPv6clickovernetworks>IPv6addressplan.
Step(1)
IntroducetheIPv6addressblockyouwanttocreatetheplanfromandpresssend.

Fig.75:CreatehierarchicalIPv6addressbytranslationexistingIPv4networks

Step(2)
CurtailtheIPv4addressrangeyouwanttotranslatebyintroducingtherequiredoroptionaloctets
oftheIPv4addressrange.IfyouworkwithanIPv6addressblockwithaprefixlength>40you
needtospecifyatleastthefirsttwooctets.Byintroducingthefirsttwooctets,onlytheIPv4
networkswithbitmaskfrom1724willbetranslated.Byintroducingthefirstthreeoctets,onlythe
IPv4networkswithbitmasksfor2532willbetranslated.

86

DocumentationGestiIPIPAMv3.2

Fig.76:Curtailaddressrangetotranslate

Afterclickingsend,alistwiththenetworkstocreatewillbedisplayed.TocreatethenewIPv6
networkswithinGestiIP'sdatabaseeditthenetworksfieldsandpresscreate.Toavoidthat
specificnetworkswillbecreated,unselectthecheckboxcreatebehindtheregardingnetworks.

8.2HierarchicalIPv6addressplanbasedonsitesand
categories
GestiIP'shierarchicaladdressplanbuilderoffersthepossibilitytomapthenetworkstructureofan
organizationtothe(physical)structureofit'ssitesandnetworkscategories.Thereforeit'snecessary
todefinewellthedifferentsitesandcategoriesofyourorganizationbeforeyoubegintocreatea
hierarchicaladdressplan.
OneofthebenefitsofahierarchicalplanisthatyoucanrecognizedirectlyfromtheIPaddressto
whichsitetheaddressbelongs.
Example
Aorganizationhasthreesites(site1,site2,site3),sevencategories(prod,preprod,test,dev,test,
corpA,corpB)andatmost95networkspercategory.It'sISPhasassignedittheIPv6addressblock
2001:AAAA:BBBB:/48.
Withaprefixlengthof48remain4bitstomaptheexistingsites,categoriesandnetworksper
category.Howmanybitswillbereservedforeachonedependsonit'snumber.
ThefollowingtableshowshowGestiIPwoulddistributethefreefourbitsinrelationwiththe
numberofsites,categoriesandnetworkspercategoriesforthisexample:

87

DocumentationGestiIPIPAMv3.2

IPv6addressblock:2001:aaaa:bbbb:0000:0000:0000:0000:0000/48
site

2001:aaaa:bbbb:0000::

categories

2001:aaaa:bbbb:0000::

Networkspercategory

2001:aaaa:bbbb:0000::

Thetableaboveshowssomeaddressesthatcouldbecreatedwithinthisplan.
LevelI(sites)

LevelII(categories)

LevelIIInetworks/categorie

2001:aaaa:bbbb:0000::

2001:aaaa:bbbb:0000::

2001:aaaa:bbbb:0000::
2001:aaaa:bbbb:0001::

2001:aaaa:bbbb:0100::

2001:aaaa:bbbb:0100::
2001:aaaa:bbbb:0101::
2001:aaaa:bbbb:0102::

2001:aaaa:bbbb:0200::

2001:aaaa:bbbb:0200::

2001:aaaa:bbbb:1000::

2001:aaaa:bbbb:1000::

2001:aaaa:bbbb:1000::

2001:aaaa:bbbb:2000::

2001:aaaa:bbbb:2000::

2001:aaaa:bbbb:2000::

8.2.1Createtheaddressplan
TocreateahierarchicalIPv6addressplanclickovernetworks>IPv6addressplan
Step(1)
IntroducetheIPv6addressblockyouwanttocreatetheplanfromandpresssend.

Fig.77:createhierarchicalIPv6addressplanfromanIPv6block

88

DocumentationGestiIPIPAMv3.2

Step(2)
Choosethenumberofsites,categoriesandnetworkspercategorywhichyouneedtomapyour
organization'sstructure(takefuturegrowinginmind).

Fig.78:Numberofsiteandcategorynetworksandnetworkspercategroy

GestiIPmakeshereaproposalbasedonexistingsites,categoriesandnetworkspercategory.With
markedcheckboxCarryoverthedescriptionsandcommentsofexistingIPv4networks,the
descriptionsoftheexistingIPv4networkswillbeassignedtothenewIPv6networkswiththe
correspondingsitesandcategories.GestiIP'sdefaultbehavioristocreateasmanynewnetworks
persiteandcategoryasexistingIPv4networks.WithselectedcheckboxCreatenewendnetworks
independentlyofthenumberofexistingsitesandcategoriesyouwillhaveinalaterstepthe
possibilitytointroducethenumberofnetworkstocreateforeachsiteandcategoryindependently.
Onceyouhavechosenthenumbersclicknext.
Step(3)
GestiIPcalculatesallpossiblecombinationsofnetworkdistributionsonthebaseofthenumbers
whichwhereintroducedinthepreviousstepanddisplaysalistwithpossiblenumbersoflevelI
subnets(designatedforthelocationrootnetworks).

89

DocumentationGestiIPIPAMv3.2

Fig.79:LevelInetworks(sites)

Clickoverthelinkwiththenumberofnetworksyouwanttoreserveforthelocations.
Step(4)
InthissteptherewillbealistofpossiblenumbersoflevelIIsubnetsdisplayed(designatedforthe
categoryrootnetworks).

Fig.80:LevelIInetworks(categories)

Choosethenumberofnetworksyouwanttoreserveforthecategoriesandclickoverthe
correspondinglink.AlistoflevelIIandlevelIIInetworkswillbedisplayed(thenumberoflevel
IIIsubnetswillautomaticallybecalculatedfromtheprefixlengthofthelayerIInetworks).Ifyou
arenotsatisfiedwiththeresultusethebacklinktoreturntopreviouspagetochangethenumberof
levelIsubnets.

90

DocumentationGestiIPIPAMv3.2

Step(5)
AlistoflevelIIandlevelIIInetworkswillbedisplayed(thenumberoflevelIIIsubnetswill
automaticallybecalculatedfromtheprefixlengthofthelayerIInetworks).

Fig.81:LevelIIInetworks(networkspercategory)

Ifyouaresatisfiedwiththeresultclickoversend.IfthecheckboxCreatenewendnetworks
independentlyofthenumberofexistingsitesandcategoriesfromstep(2)wasselected,therewill
beaformdisplayedwhichallowstointroducethedefinitivenumberofnewnetworksperlocation
andcategorythatshouldbecreated.
Step(6)(optional)
Introducethenumberofnetworkswhichyouwanttobecreatedforeachlocation/categoryand
clicknext

91

DocumentationGestiIPIPAMv3.2

Fig.82:Numberofnetworkstocreate

Step(7)
Alistofthenetworkswhichshouldbecreatedwillbedisplayed.WithmarkedcheckboxCarry
overthedescriptionsandcommentsofexistingIPv4networks(Step(2)),thecommentsofthe
IPv4networksaretakenoverforthenewIPv6networks.Editthedescriptionsofthenetworks,add
anoptionalcommentandselectthesynccheckboxityouwantthatthenewnetworkwillbe
processedbyautomaticactualization(see9).Ifyouwanttoavoidnetworksfrombeingcreated
unselectthecheckboxcreate.Onlynetworkswithselectedcreatecheckboxwillbecreated.

92

DocumentationGestiIPIPAMv3.2

Fig.83:Editnetworkparamters

ClicklinkcreateatthebottomofthepagetoinsertthenewnetworksintoGestiIP'sdatabase.

9Automaticupdate
GestiIPcomeswithscriptswhichautomaticallyupdatethedatabaseofGestiIPviaSNMP
(ip_update_gestioip_snmp.pl),againsttheDNS(ip_update_gestioip_dns.pl)andagainstanOCS
InventoryNG(ip_update_gestioip_ocs.pl).
It'shighlyrecommendedtoenableautomaticupdate(AU)tomakesurethatGestioIP'sdatabaseis
alwaysuptodate.AUagainstDNSandviaSNMPcanberuninanyenvironmentswhichdispose
ofaDNSserver.IfyouhaveaninstallationofanOCSInventoryNGyoucanalsoupdate
GestioIP'sdatabaseagainsttheOCSdatabase.
AUagainstDNS/SNMPandAUagainstOCSInventoryNGworkdifferent.AUagainst
DNS/SNMPprocessesalladdressesofanetwork.AUagainstOCSonlyprocessestheentrieswhich
arefoundintheOCSdatabase.Thatcauses,thatentrieswhicharedeletedfromOCSdatabasewill
notlongerprocessedbyAUagainstOCSandwillnotbedeletedformGestioIP'sdatabasebyAU
againstOCS.AUagainstDNSisabletodetectanddeletethisentries.SoifyourunAUagainst
OCS,runalwaysAUagainstDNS,too.Configurethecronjobsinthatway,thatAUagainstOCS
willbeexecutedbeforeAUagainstDNS.
93

DocumentationGestiIPIPAMv3.2

Note
IfyouruntheautomaticupdateagainstDNS(ip_update_gestioip_dns.pl)againstanIPv6network
youneedtoallowDNSzonetransfersfromtheGestiIPserverontheDNSservers.
Note
Createacronjobtoexecutethescriptsautomatically(see9.4).
Note
Theautomaticupdateprocessesonlynetworkswithchecked"sync"field(see3.2.1).
Note
AUneednotrunonthehostwiththeinstallationofGestiIP.Ifyouhaveamonitoringserver(e.g.
withNagios)whichcanreachallrelevantnetworkswithpingandSNMP,thiscouldbeagood
placetorunscriptsfrom.
Note
AUmightriseloadonthehostwherethescriptsrunandonDNSservers

9.1Scriptdirectorystructure
Sinceversion3.0theinstallationcreatesthefollowingdirectorystructurefortheAUscripts
under/usr/share:
/usr/share/gestioip/bin

DirectorywithAUscripts

/usr/share/gestioip/bin/web

DirectoryforWebbaseddiscoveryscripts(notrelevantforAU)

/usr/share/gestioip/etc

DirectorywithconfigurationforAUscripts
(ip_update_gestioip.conf)

/usr/share/gestioip/etc/vars

Directorywherethelanguagefilesarestored

/usr/share/gestioip/var/log

Directorytostorelogfiles

/usr/share/gestioip/var/run

Directorytostorelockypidfiles

Importantnote
AUofolderversionarenotcompatiblewithGestiIPv3.0.DisableAUcronjobsbeforeupdating
tov3.0andreconfigurecronjobswithnewscriptafterupdatingGestiIP.DoNOTuseAU
scriptsofolderversionswithv3.0.

94

DocumentationGestiIPIPAMv3.2

9.2Commandlineoptions
$./ip_update_gestioip_snmp.plhelp
usage:ip_update_gestioip.pl[OPTIONS...]
v,verbose
verbose
V,Version
printversionandexit
l,log=logfile
logfile
d,disable_audit
disableauditing
c,config_file_name=config_file_namenameoftheconfigurationfile(withoutpath)
L,Location=locationscomasepartedlistoflocations
N,Network_file=networks.listfilewiththelistofnetworkstoprocess
C,CSV_networks=csv_listcomaseparatedlistofnetworkstoprocess
m,mail
sendtheresultbymail(mail_destinatarios)
h,help
help
./ip_update_gestioip_snmp.plhelp
configurationfile:/usr/share/gestioip/etc/ip_update_gestioip.conf

$./ip_update_gestioip_dns.plhelp
usage:ip_update_gestioip_dns.pl[OPTIONS...]
t,test
testingmodenodatabasechangeswouldbemade(needsoptionv)
v,verbose
verbose
V,Version
printversionandexit
l,log=logfile
logfile
c,config_file_name=config_file_name nameoftheconfigurationfile(withoutpath)
L,Location=locations
comasepartedlistoflocations
N,Network_file=networks.list
filewiththelistofnetworkstoprocess
C,CSV_networks=csv_list
comaseparatedlistofnetworkstoprocess
d,disable_audit
disableaudit
m,mail
sendtheresultbymail(mail_destinatarios)
h,help
help

configurationfile:/usr/share/gestioip/etc/ip_update_gestioip.conf

95

DocumentationGestiIPIPAMv3.2

$./ip_update_gestioip_ocs.pl
usage:ip_update_gestioip.pl[OPTIONS...]
v,verbose
V,Version
l,log=logfile
m,mail
h,help

verbose
Version
logfile
sendtheresultbymail(mail_destinatarios)
help

configurationfile:/usr/share/gestioip/etc/ip_update_gestioip.conf

Note
Ifyourunthescriptsmanuallyuseverboseoption(./ip_update_gestioip.plv)toseewhat's
happening.
Note
Ifyouwanttoruntheactualizationscriptsforvariousclients,createconfigurationfilesforevery
clientandspecifytheconfigurationfileforeveryscriptinstancewiththecoption
(ip_update_gestioip.pldoesnotdisposeaboutthecoption,specifytheconfigurationfiledirectly
inthescript).

9.3Configuration
Theconfigurationofip_update_gestioip_dns.plandip_update_gestioip_ocs.plisstoredinthefile
"/usr/share/gestioip/etc/ip_update_gestioip.conf".
Configurationparameterdescription:
parameter

description

defaultvalue

sid_gestioip

SIDoftheGestiIP'sdatabase

gestioip

user_gestioip

GestiIP'sdatabaseuser

gestioip

pass_gestioip

GestiIP'sdatabaseuserpassword

bbdd_host_gestioip

HostwheretheGestiIPMysqldatabaseruns

localhost

bbdd_port_gestioip

PortwhereGestiIP'sMysqldatabaseis
listening

sid_osc

SIDoftheOCSdatabase

ocsweb

user_ocs

OCS'sdatabaseuser

ocs

96

DocumentationGestiIPIPAMv3.2

pass_ocs

OCS'sdatabaseuserpassword

bbdd_host_ocs

HostwheretheOCSMysqldatabaseruns

bbdd_port_ocs

PortwhereOCSMysqldatabaseislistening

3306

GlobalparametersrelevantforupdateviaSNMP,againstDNSoragainstOCS
lang

languagesupportedvalues:en,es,cat,de

en

mail_destinatarios

Wheretosendthereport.Comaseparatedlist
ofmailaddresses.
Example:
user1@domain.org,user2@domain.org

mail_from

Fromforthereportmail.Changeyour
domaintoyourdomain.

GestioIP@your
domain.org

logdir

Wheretostorethelogfile

.
(actualdirectory)

ignore_generic_auto

Setthisvalueto"yes"iftheupdatescript
shouldignoreDNSentriesthatmatchauto
generatedgenericrDNSentries(see3.2.2.3)

yes

ignorar

GenericrDNSentriestoignorewhenupdating
anetworkagainsttheDNS(see3.2.2.3)

max_sinc_procs

Maximumnumberofparallelprocessestofork 128
whensynchronizinganetworkagainstthe
DNS.
Decreasethisvalueiftheautomaticupdateuses
toomuchCPUloadorincreaseitforfasterrun.
Also,havealookatCPUloadofyourDNS
serversduringtherunofscripts(iftheservers
arenotverybusyavalueof254shouldnotbea
problem).
possiblevalues:4,8,16,32,64,128,254

generic_dyn_host_name

Configureherestringsthatmatchgeneric

nameswithareassignedviaDHCP(see3.6.2).
Commaseparatedlist,casesensitive.
Example:PC,LAP
(fordynamicassignednamessuchasPC
001,PC002,LAP001,LAP002)

dyn_rangos_only

Setdyn_ranges_onlyto"yes"ifyouonlywant no
toupdateIPsofreservedranges

ParameterrelevantforupdateagainstDNS
actualize_ipv4_dns

Setthisparametertoyesifyouwantthatthe yes
updateagainstDNSprocessesIPv4networks

actualize_ipv6_dns

Setthisparametertoyesifyouwantthatthe yes
97

DocumentationGestiIPIPAMv3.2

updateagainstDNSprocessesIPv6networks
delete_dns_hosts_all_down

Setthisparameterto"yes"ifyouwantupdating yes
againstDNStodeleteallIPsthatdontrespond
topingandthatdon'thaverDNSentries.

ParameterrelevantforupdateagainstDNS
no_ocs_redes

Fornetworkswhichshouldnotbesynchronized
againsttheOCS.
Onlyforip_update_gestioip_ocs.pl
Commaseparatedlist.
Example:10.0.1.0,192.168.0.0

set_update_type_to_ocs

Setthisto"yes"ifautomaticupdateagainst
no
OCSshouldsettheupdatetypeto"ocs".When
update_typeissetto"ocs"automaticupdate
againstDNSwillnotoverwriteupdatesfrom
OCS.
Onlyforip_update_gestioip_ocs.pl

ignore_ocs_host_down

OCSdoesn'talwaysdeleteoldentriesfromits yes
database.Ifyouset"ignore_ocs_host_down"to
"yes",updateagainstOCSwillonlyupdate
GestiIPsdatabasewithIPswhichrespondto
"ping".
Onlyforip_update_gestioip_ocs.pl

delete_ocs_hosts_down_match Setthisparameterto"yes"ifyouwantupdating yes


againstOCStodeleteIPsthatdontrespondto
pingandwithmatching"genericauto"or
"genericdynhostnames"
Onlyforip_update_gestioip_ocs.pl
delete_ocs_hosts_down_all

Setthisparameterto"yes"ifyouwantupdating no
againstOCStodeleteallIPsthatdontrespond
toping
Onlyforip_update_gestioip_ocs.pl

ParameterrelevantforupdateviaSNMP
actualize_ipv4_snmp

Setthisparametertoyesifyouwantthatthe yes
updateviaSNMPprocessesIPv4networks

actualize_ipv6_snmp

Setthisparametertoyesifyouwantthatthe yes
updateviaSNMPprocessesIPv6networks

snmp_community_string

SNMPCommunity(SNMPv1/v2c)orusername public
(SNMPv3)

snmp_version

SNMPversion
allowedvalues:1,2,3

snmp_user_name

SNMPusername(SNMPv3)
98

DocumentationGestiIPIPAMv3.2

sec_level

SNMPsecuritylevel(noAuthNoPriv,
authNoPriv,authPriv)

authNoPriv

auth_proto

SNMPauthenticationprotocol

MD5

auth_pass

SNMPauthenticationpasssword

priv_proto

SNMPprivacyprotocol(DES,3DES,AES)

priv_pass

SNMProvacypassword

3DES

Note
Ifyouuseboth,AUagainstDNSandAUagainstOCS,checklogfilesorauditforpingpongeffects
(e.g.AUagainstDNSupdatesanentryandAUagainstOCSdeletesit.).Ifpingpongeffects
occurcheckwhetherAandrDNSentriesfortheaffectedIPaddressarecorrectlyconfigured.

9.4Automaticexecutionwithcron
Createacronjobtoactivatetheautomaticupdate.
ExampleI
Withthecrontabentriesbelowip_update_gestioip_snmp.plwillbeexecutedeverySaturdayat
22:30.
3022**6/usr/share/gestioip/bin/ip_update_gestioip_snmp.plm>/dev/null
2>&1

ExampleII
Withthecrontabentriesbelow,ip_update_gestioip_dns.plandip_update_gestioip_ocs.plwillbe
executedeverydayonceperhour(ip_update_gestioip_dns.plat00:30,01:30,02:30,...and
ip_update_gestioip_ocs.plat00:45,01:45,...)assumingthatip_update_gestioip_dns.plneedless
than15minforonerun.
30****/usr/share/gestioip/bin/ip_update_gestioip_dns.plm>/dev/null
2>&1
45****/usr/share/gestioip/bin/ip_update_gestioip_dns.plm>/dev/null
2>&1

99

DocumentationGestiIPIPAMv3.2

Note
Chooseafrequencythatensuresthatthelastrunofthescripthasfinishedwhencronexecutesthe
scriptagain(scriptscreatesemaphorefilessoit'ssurethatthereareneverrunningmultiple
instancesofthescript)
Youcanusethecommandtimetodeterminehowlogthescriptneedsforonerun.Execute
$time./ip_update_gestioip_dns.plv
....
real0m14.431s<timethescripneedstorun
user0m1.864s
sys0m2.432s
(resultforoneclassCnetwork)

9.5RequiredPerlModules
AutomaticupdatescriptsdependamongstothersonthefollowingPerlModules:
DBI,DBDmysql,Net::IP,Net::Ping::External,Parallel::ForkManager,Net::DNS,SNMP::Info,
ParseExcel(optional),OLEStorage_Lite(optional,neededbyParseExcel).
IfyouruntheupdatescriptsfromahostotherthantheGestiIPhost,youneedtoinstallthisPerl
Modulesonthemachine,too.
Ifyouexecutetheupdatescriptsfromcommandline,missingmoduleswillbeindicatedbyanerror
messagelike:
Can'tlocateParseExcel.pmin@INC(@INCcontains:...

HerearesomeexamplesofhowtoinstalltherequiredPerlModulesfordifferentLinux
distributions(alreadyinstalledmoduleswillbeignored):
Debian/Ubuntu
ManyofthispackagesarefromUniverserepository.Youhavetoenable(uncomment)itin
/etc/apt/sources.list.Don'tforgettoexecutesudoaptgetupdatetoresynchronizethepackage
indexfilesfromtheirsourcesaftereditingsources.list

$sudoaptgetinstalllibdbiperllibdbdmysqlperllibparallelforkmanager
perllibnetpingexternalperllibwwwperllibnetipperllibspreadsheet
parseexcelperllibsnmpperllibdatemanipperllibdatecalcperllibtime
modulesperllibmailtoolsperllibnetdnsperllibsnmpinfoperl

100

DocumentationGestiIPIPAMv3.2

Suse
$sudozypperinstallPerlDBDmysqlperlDBIPerlNetIPperllibwwwperlperl
SNMPperlMailToolsperlTimemodulesperlDateCalcperlDateManipperlNet
DNS

ThefollowingPerlmodulearenotavailablefromSuserepository:Parallel::ForkManager,
ParseExcel,OLEStorage_LiteandSNMP::Info
Downloadthemodulesfromhttp://search.cpan.org/andinstallitmanually(see9.5.1).
Fedora/RedHat/CentOS
$sudoyuminstallperlNetIPperlNetPingExternalperlParallelForkManager
perlDBIperlDBDmysqlperlSpreadsheetParseExcelnetsnmpperlperlDateManip
perlDateCalcperlTimeDateperlMailToolsperlSNMPInfoperlNetDNS

NoteforRedhat5andCentOS5.3
ThefollowingPerlmodulesarenotavailablefromrepositories:ParallelForkManager,NetPing
External,Net::DNSandSNMP::INFO
Downloadthemodulesfromhttp://search.cpan.org/andinstallthemmanually(see9.5.1).

9.5.1ManualinstallationofmissingPerlmodules
Ifyourunautomaticupdatefromadifferenthostthanthatwhichcomeswithinstallationof
GestiIPtheremightbePerlmodulesmissing.
Downloadthemissingmodulesfromhttp://search.cpan.organdinstallthemusingthefollowing
commands(requiresthatmakeisinstalled):

$tarvzxfmodule.tar.gzorratherunzipmodule.zip
$cdmodule
$perlMakefile.pl
$make
$sudomakeinstall

101

DocumentationGestiIPIPAMv3.2

9.5.1.1SNMP::InfoandNetdiscoMIBs
VLANdiscoveryaswellaspartsofhostdiscoveryviaSNMParebasedonthePerlModule
SNMP::Info,developedbyMaxBackerfortheNetdiscoproject.SNMP::InforequirestheNetdisco
MIBstobeinstalledonthesystem.IfNetdiscoMIBsarealreadyinstalledontheserveryoucan
specifythepathtothedirectorywheretheMIBfilesarestoredfromManageGestiIP.
ToinstallMIBfilesdownloadthemlatestversionoftheNetdiscoMIBsfromSourceforge:
https://sourceforge.net/projects/netdisco/files/netdiscomibs/
Untarthefilenetdiscomibsx.y.tar.gz
$tarvzxfnetdiscomibsx.y.tar.gz

Copythecontentofnetdiscomibsx.y/to/usr/share/gestioip/mibs/
$sudocprnetdiscomibsx.y/*/usr/share/gestioip/mibs/

ChangetheownerandgrouptotheuserunderwhichisrunningtheApacheWebserver(e.g.
Ubuntu:wwwdata)
$sudochownRwwwdata:wwwdata/usr/share/gestioip/mibs

102

DocumentationGestiIPIPAMv3.2

10Generalinformation
10.1Backup
Don'tforgettoincludeGestiIP'sdatabasewithinyourbackupstrategy.
TomakeamanualbackupofGestiIP'sdatabaseexecutethefollowingcommand:
$mysqldumpugestioippgestioip>backup_gestioip.sql

Torecoverabackupmadewithmysqldumpexecutethefollowingcommand:
$mysqlugestioippgestioip<backup_gestioip.sql

10.2Firewallrules
GestioIP'sWebbased,aswellasthescriptbaseddiscoveryandupdatefunctionsareworkingwith
withDNSandSNMPqueriesplusICMPechorequests(ping).Thatmeansthatthenameservers
mustbeaccessibleandthatthetargetnetworksmustbereachablewithSNMPandICMPfromthe
hostwiththeinstallationofGestiIPandthehostwheretheupdatescripts(see9)arerunning(if
notthesame).AllconnectionsareinitializedbyGestiIP.Thatmeansthatthefollowingfirewall
rulesarenecessarytorunGestiIP'supdatefunctionsproperly.
protocol

srcaddress

srcport

destaddress

destport

ICMPechorequest(type GestiIPhost
8)

destinationnetworks

UDP

GestiIPhost

>1023

destinationnetworks

161

UDP

GestiIPhost

>1023

DNSservers

53

TCP(forzonetransfers) GestiIPhost

>1023

DNSservers

53

ICMPechoreply
(type0)

destinationnetworks

GestiIPhost

UDP

destinationnetworks

161

GestiIPhost

>1023

UDP

DNSservers

>1023

GestiIPhost

53

TCP(forzonetransfers) DNSservers

>1023

GestiIPhost

53

103

DocumentationGestiIPIPAMv3.2

10.3JavaScript
GestiIPusesJavaScript.YouhavetoenableJavaScriptinyourbrowsertouseGestiIP.

10.4Cookies
GestiIPusesthefollowingsixcookies:

GestioIPLangtorememberthelastusedlanguage
EntriesRedPorPagetorememberthelastvalueofentries/page(networkentriesshownper
page)
scrollxandscrollytoscrolltolastpositionaftermanipulatinghostfromlistview
net_scrollxandnet_scrollytoscrolltolastpositionaftermanipulatingnetworksfrom
listview
ShowRootNettodecideofrootnetworksshouldbedisplayed
ShowEndNettodecideofendnetworksshouldbedisplayed

11Troubleshooting
InthischapteryoufindtipshowtotroubleshootsomecommonproblemswhilerunningGestiIP.If
thischapterdoesn'thelpyoutoresolveaproblempleasevisittheHelpForum
(http://sourceforge.net/projects/gestioip/forums/forum/981984)orreporttheproblem
tocontact@gestioip.net.

11.1SNMP
ProblemrelatedconSNMPbaseddiscoverymechanismsarefrequentlycausedbymissingof
requiredstandardMIBsoraincorrectinstallationofNetdiscoMIBs(requiredbySNMP::Info).

11.1.1GeneralSNMPproblems
(1)snmpwalk
RunthecommandsnmpwalkfromashelloftheserverwiththeGestiIPinstallationtocheckifthe
targetmachineisreachableandiftherequiredstandardMIBs(SNMPv2MIB,IPFORWARD
MIB,RFC1213MIB)arecorrectlyinstalled(MIBsarecorrectlyinstalledifOIDsappearasstring).
104

DocumentationGestiIPIPAMv3.2

$snmpwalkv1cCOMMUNITYIP_ADDRESS_TO_QUERY|head10
SNMPv2MIB::sysDescr.0=STRING:Linuxhostname2.6.3811generic
#50UbuntuSMPMonSep1221:18:14UTC2011i686
SNMPv2MIB::sysObjectID.0=OID:NETSNMPMIB::netSnmpAgentOIDs.10
DISMANEVENTMIB::sysUpTimeInstance=Timeticks:(372953)1:02:09.53
SNMPv2MIB::sysContact.0=STRING:Me<me@example.org>
SNMPv2MIB::sysName.0=STRING:hostname
SNMPv2MIB::sysLocation.0=STRING:SittingontheDockoftheBay
SNMPv2MIB::sysServices.0=INTEGER:72
SNMPv2MIB::sysORLastChange.0=Timeticks:(1)0:00:00.01
SNMPv2MIB::sysORID.1=OID:
SNMPFRAMEWORKMIB::snmpFrameworkMIBCompliance
SNMPv2MIB::sysORID.2=OID:SNMPMPDMIB::snmpMPDCompliance

andnot
.1.3.6.1.2.1.1.1.0=STRING:Linuxhostname2.6.3811generic#50Ubuntu
SMPMonSep1221:18:14UTC2011i686
.1.3.6.1.2.1.1.2.0=OID:.1.3.6.1.4.1.8072.3.2.10
.1.3.6.1.2.1.1.3.0=Timeticks:(380424)1:03:24.24
.1.3.6.1.2.1.1.4.0=STRING:Me<me@example.org>
.1.3.6.1.2.1.1.5.0=STRING:hostname
.1.3.6.1.2.1.1.6.0=STRING:SittingontheDockoftheBay
.1.3.6.1.2.1.1.7.0=INTEGER:72
.1.3.6.1.2.1.1.8.0=Timeticks:(1)0:00:00.01
.1.3.6.1.2.1.1.9.1.2.1=OID:.1.3.6.1.6.3.10.3.1.1
.1.3.6.1.2.1.1.9.1.2.2=OID:.1.3.6.1.6.3.11.3.1.1

IfOIDsappearnumericallytherequiredMIBfilesaremissing.Install
themtoresolvetheproblem.E.g.Ubuntu:
$sudoaptgetinstallsnmpmibsdownloader
$sudodownloadmibs

Note
ErrormessageUnknownObjectIdentifierishabituallycausedbymissingofrequiredstandard
MIBsorabadconfigurationofsnmpclient.
Note
Havealthoughalookat/etc/snmp/snmp.conf

(2)Checkdependencies
ExecutethefollowingscriptfromashelloftheserverwiththeGestiIPinstallationtocheckifthe
105

DocumentationGestiIPIPAMv3.2

dependenciesarecomplied:
http://www.gestioip.net/files/gestioip_snmp_test.pl
Pleaseconfigureadeviceandthecommunitydirectlyinthescript.

11.1.2ProblemswithVLANdiscovery
VLANdiscoverydependsonthePerlmoduleSNMP::Info.VLANdiscoveryonlyworkswith
deviceswhicharesupportedbySNMP::Info.ConsultNetdisco(SNMP::Info)DeviceCompatibility
Matrixtocheckifyourdeviceissupported
http://netdisco.org/DeviceMatrix.html
Note
NetworkdiscoverydoesnotdependinSNMP::Info.SNMP::InfoisonlyrequiredforVLAN
discoveryandpartiallyforthehostdiscoveryviaSNMP.

11.1.3Problemswithnetworkdiscovery
AfailofthenetworkimportviaSNMPmaybecausedbymissingMIBfiles(see11.1.1)orbecause
thedevicedoesnotsupporttherequiredOIDs.
IPv4basednetworkimportdependsoneithertheOIDsipCidrRouteDest,ipCidrRouteMask,
ipCidrRouteProtoortheOIDsipRouteDest,ipRouteMask,ipRouteProto.
IPv6basednetworkimportdependsoneithertheOIDinetCidrRouteProtoortheOID
ipv6RouteProtocol.
YoucancheckiftherequiredODIsaresupportedbyyourdevicebyrunningthecommand
snmpwalk(thismaytakesometime):
$snmpwalkv1cCOMMUNITYIP_ADDRESS_TO_QUERY|grepinetCidrRouteProto

IPFORWARD
MIB::inetCidrRouteProto.ipv6."fe:80:00:00:00:00:00:00:03:c4:df:f3:fe:95:ac:12".1
28.1.4.ipv6."00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00"=INTEGER:
local(2)

...

106

DocumentationGestiIPIPAMv3.2

11.2Database
GestiIPcomeswiththescriptgip_health_check.plwhichexecutesacoupleofconsistency
checksfortheMysqldatabase.Beforeyouexecutethescriptyouneedtoconfigurethedatabase
parametersdirectlyinthescript.YoufindthescriptinthescriptdirectoryoftheGestiIPtarball.
OpenitwithyourfavoriteeditorandconfigureSID,username,passwordandtheIPofthehost
wherethedatabaseisrunning.
############################
####Changefromhere...###
############################
my$sid_gestioip="gestioip";#SIDoftheGestioIPMysqldatabase
my$user_gestioip="gestioip";#GestioIP'sdatabaseuser
my$pass_gestioip="XXXXXX";#PasswordofGestioIP'sdatabaseuser
my$bbdd_host_gestioip="localhost";#HostnameorIPwheretheGestioIPMysql
databaseisrunning
############################
####...tohere###########
############################

Saveandclosethescript.Toexecutethescriptchangetothescriptdirectoryandexecutethe
followingcommand:
$./gip_health_check.pl

11.3UnistallingGestiIP
GestiIPdoesnotdisposeaboutanautomaticdeinstallationscript.Deinstallationmustbe
performedmanually.GestiIPconsistsinCGIfiles,theupdatescripts,theapacheconfiguration
andtheMysqldatabase.TouninstallGestiIPremovethisfiles,disabletheCronjobs(if
configured)anddeleteGestiIP'sdatabase.
Openashellandexecutethefollowingcommandos:
RemovetheCGIfiles:
$sudormr[DocumentRoot]/gestioip
(replace[DocumentRoot]withtheDocumentRootofyourApachewebserver)

Disablethecronjobs.

Removethescriptfiles:
$sudormr/usr/share/gestioip

107

DocumentationGestiIPIPAMv3.2

Removetheapacheconfiguration:
$sudormAPACHE_INCLUDE_DIR/gestioip.conf
(e.g.Ubuntu:rm/etc/apache/conf.d/gestioip.conf)

RemoveGestiIP'sApacheuserfile
$sudormAPACHE_CONF_DIR/usersgestioip
(e.g.Ubuntu:rm/etc/usersgestoip)

DeleteGestiIP'sMysqldatabase:
LogintomysqlCLI:
$mysqlurootp

mysql>dropdatabasegestioip;
mysql>exit;

12Licence
GestiIPisfreesoftware.ItisdistributedundertheGNUGENERALPUBLICLICENCEversion3
(GPLv3).

108

DocumentationGestiIPIPAMv3.2

AppendixA
ListofmanufacturesrecognizedbyGestioIP'sSNMPdiscoverymechanisms(displayedwith
iconsinhostlistview)
3com,Accton,Actiontec,Adder,Adtran,Aerohive,Aficio,Allied,Alps,Altiga,Alvaco,Anitech,
Apc,Apple,Arista,Arquimedes,Aruba,Asante,Astaro,Avaya,Avocent,Axis,Barracuda,Belair,
Billion,Bluecoat,Broadcom,Brocade,Brother,Calix,Canon,Checkpoint,Cisco,Citrix,
Cyberoam,Dell,Dialogic,Dlink,Dothill,Draytek,Eci,Edgewater,Eeye,Emc,Emerson,
Enterasys,Epson,Ericsson,Extreme,Extricom,F5,Fluke,Force10,Fortinet,Foundry,Fujitsu,Gta,
H3c,Heidelberg,Hitachi,Hp,Huawei,Ibm,Iboss,Imperva,Juniper,Kasda,Kemp,Kodak,Konica,
Lancom,Lanier,Lanner,Lantronix,Lenovo,Lexmark,LG,Liebert,Lifesize,Linksys,Lucent
alcatel,Lucent,Macafee,Megaware,Meru,Microsemi,Microsoft,Mikrotik,Mitsubishi,
Mobileiron,Motorola,Moxa,Multitech,Nec,Netapp,Netgear,Netsweeper,Nitro,Nokia,Nortel,
Novell,Oce,Oki,Olivetti,Olympus,Optibase,Oracle,Ovislink,Packetfront,Paloalto,Panasonic,
Passport,Patton,Peplink,Pica8,Polycom,Procurve,Proxim,Qnap,Radvision,Radware,Rapid7,
Realtek,Redback,Reflex,Ricoh,Riverbed,Riverstone,Ruckus,Samsung,Savin,Seiko_infotec,
Shinko,Siemens,Silverpeak,Sipix,Smc,Sonicwall,Sony,Sourcefire,Star,Stillsecure,Stonesoft,
Storagetek,Sun,Supermicro,Symantec,Tallygenicom,Tandberg,Tenda,Thomson,Tippingpoint,
Toplayer,Toshiba,Ubiquiti,Vegastream,Vidyo,Vmware,Vyatta,Watchguard,Websense,
Westbase,Xante,Xerox,Xiro,Zebra,Zyxel
ListofoperationsystemsrecognizedbyGestioIP'sSNMPdiscoverymechanisms(displayed
withicons)
AIX,ArchLinux,CentOS,Debian,Fedora,FreeBSD,FunToo,GenToo,JunOS,Linux,NetBSD,
Netware,OpenBSD,Redhat,Slackware,Solaris,Suse,Ubuntu,Turbolinux,Unix,Windows

GestiIPCopyrightMarcUebel2015
109

You might also like