1 Introduction

The Network Documentation Tool (Netdot) is an open source tool designed to help network administrators collect, organize and maintain network documentation. Netdot is actively developed at the University of Oregon.

1.1 Goals

In these exercises we will install Netdot and demonstrate some of its most important features.

1.2 Notes

2 Installation

Netdot may already be installed on your PC. Ask the instructor.

Log in to your virtual machine as the sysadm user and make sure your machine is up-to-date with the rest of the class:

$ sudo apt-get install snmp snmp-mibs-downloader snmpd cacti smokeping \
  nagios3 joe postfix

2.1 Download the Package

First check if it's available in your classroom's NOC server:

$ cd 
$ wget http://noc.ws.nsrc.org/downloads/netdot/netdot-1.0.6.tar.gz

If not, try from the official site:

$ wget http://netdot.uoregon.edu/pub/dists/netdot-1.0.6.tar.gz

Unpack the tarball:

$ tar xzvf netdot-1.0.6.tar.gz
$ cd netdot-1.0.6
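
Added example, not part of the original exercise or of the Netdot project: both downloads above use plain HTTP and the tree is later built with sudo, so this check compares the tarball's SHA-256 digest and inspects its entry paths before the unpack step. The function names and the expected digest are assumptions; this page publishes no checksum, so the value has to come from the instructor or the project over a trusted channel.

```sh
#!/bin/sh
# Added example (not from the Netdot project): vet a downloaded tarball
# before unpacking it and running make as root.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then sha256sum "$1"
    else shasum -a 256 "$1"; fi | cut -d' ' -f1
}

# verify_tarball FILE EXPECTED_SHA256 TOPDIR
# Returns 0 if the digest matches and every entry stays inside TOPDIR/,
# 1 on digest mismatch, 2 on unexpected entry paths.
verify_tarball() {
    file=$1; expected=$2; topdir=$3
    actual=$(sha256_of "$file")
    if [ "$actual" != "$expected" ]; then
        echo "DIGEST_MISMATCH: got $actual" >&2
        return 1
    fi
    # List entries without extracting. Reject absolute paths, '..' components
    # and anything outside the expected top-level directory.
    bad=$(tar tzf "$file" | awk -v top="$topdir" '
        /^\// || /(^|\/)\.\.(\/|$)/ { print; next }
        $0 != top && $0 != (top "/") && index($0, top "/") != 1 { print }')
    if [ -n "$bad" ]; then
        printf 'UNEXPECTED_ENTRIES:\n%s\n' "$bad" >&2
        return 2
    fi
    return 0
}

# Constructed demo input: a tiny tarball standing in for netdot-1.0.6.tar.gz.
# In real use EXPECTED_SHA256 comes from a trusted channel, never from the
# same HTTP server as the tarball.
demo=$(mktemp -d)
mkdir -p "$demo/netdot-1.0.6"
echo 'all:' > "$demo/netdot-1.0.6/Makefile"
tar czf "$demo/demo.tar.gz" -C "$demo" netdot-1.0.6
sum=$(sha256_of "$demo/demo.tar.gz")
verify_tarball "$demo/demo.tar.gz" "$sum" netdot-1.0.6 && echo "ok to unpack"
rm -rf "$demo"
```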

2.2 Install dependencies:

$ sudo apt-get install build-essential
$ sudo make apt-install

Which RDBMS do you plan to use as backend: [mysql|Pg]? mysql

We need to add a temporary repository of Netdot dependencies until all packages 
are in Debian/Ubuntu official repositories.
Would you like to continue? [y/n] y

This will download a lot of packages. Be patient.

(If you had not installed mysql-server, you'll be asked for a DBA password. Ask the instructor for the MySQL root password.)

Say yes here:

We will install the MIB files now. Continue? [y/n] y

If you see this prompt, then answer yes:

A new /etc/snmp/snmp.conf needs to be installed to point to the newly 
installed MIB files. The current file will be backed up. Continue? [y/n] y

At the end of the installation you will see a list of Perl modules that have been installed (OK). If any did not install you will see "MISSING".


NOTE: If more than two packages show as MISSING, do not continue. Ask your instructor for help. You will probably need to go back and repeat the last step (sudo make apt-install) and look for errors.


If one or two packages are missing, type:

$ sudo make installdeps

Which RDBMS do you plan to use as backend: [mysql|Pg]? mysql

You will now see three questions concerning CPAN setup to download the missing Perl dependency. Answer like this:

Would you like to configure as much as possible automatically? [yes] yes

What approach do you want?  (Choose 'local::lib', 'sudo' or 'manual')
 [local::lib] <ENTER>
 
Would you like me to automatically choose some CPAN mirror
sites for you? (This means connecting to the Internet) [yes] 

If you still see missing dependencies, run the command again, repeating until no more dependencies are reported as missing:

$ sudo make installdeps

This will try to install the missing modules using the CPAN archive. At the end, all the modules should show "ok".

2.3 Initialize the site configuration:

$ cd ~/netdot-1.0.6/
$ cp etc/Default.conf etc/Site.conf
$ editor etc/Site.conf

Find and change the following values:

NETDOTNAME => 'pcX.ws.nsrc.org',
DB_DBA_PASSWORD => '(the password you used when installing mysql)',
DEFAULT_SNMPCOMMUNITIES  =>  ['NetManage', 'public'],
NMS_DEVICE => 'pcX.ws.nsrc.org',
DEFAULT_DNSDOMAIN  => 'ws.nsrc.org',
DEVICE_NAMING_METHOD_ORDER => [ 'sysname', 'snmp_target' ],

Save and exit from the file.
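
Added example, not part of the original exercise or of Netdot: Site.conf now holds the database administrator password in clear text, and the community list above still contains the well-known 'public' string, so this check flags both conditions in the file you just edited. The function name and finding labels are assumptions, and it expects single-quoted, one-line values as shown above.

```sh
#!/bin/sh
# Added example (not part of Netdot): audit the Site.conf values edited above.
# Assumes single-quoted Perl values on one line, as shown in this section.
# Prints one finding per line; returns 0 if clean, 1 if anything was flagged.
audit_site_conf() {
    conf=$1
    status=0
    # Pull out the list body, e.g.  'NetManage', 'public'
    comms=$(sed -n 's/^[[:space:]]*DEFAULT_SNMPCOMMUNITIES[[:space:]]*=>[[:space:]]*\[\(.*\)].*/\1/p' "$conf")
    # 'public' and 'private' are the well-known default SNMP communities.
    for c in public private; do
        case "$comms" in
            *"'$c'"*)
                echo "WEAK_COMMUNITY $c"
                status=1 ;;
        esac
    done
    # The DBA password sits in the file in clear text: flag world-readable copies.
    if grep -q "^[[:space:]]*DB_DBA_PASSWORD[[:space:]]*=>[[:space:]]*'..*'" "$conf" \
        && [ -n "$(find "$conf" -perm -004)" ]; then
        echo "WORLD_READABLE $conf"
        status=1
    fi
    return "$status"
}

# Constructed sample mirroring the values from this section (password is made up).
sample=$(mktemp)
cat > "$sample" <<'EOF'
NETDOTNAME => 'pc1.ws.nsrc.org',
DB_DBA_PASSWORD => 'example-only',
DEFAULT_SNMPCOMMUNITIES  =>  ['NetManage', 'public'],
EOF
chmod 644 "$sample"
audit_site_conf "$sample" || echo "review the findings above before installing"
rm -f "$sample"
```

Run it as `audit_site_conf etc/Site.conf` from the netdot-1.0.6 directory; a file copied with the default umask is typically mode 644 and will be reported until its permissions are tightened.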

2.4 Patch installation

We're going to make a couple of changes: one to speed up the download of the Ethernet vendor file, and another to make Netdot work with Apache 2.4.

First, let's make Netdot download the list of Ethernet vendors from our local server, and not from the Internet (it takes too long otherwise):

$ cd ~/netdot-1.0.6/bin/
$ editor Makefile

Find the line:

wget -t 1 http://standards.ieee.org/regauth/oui/oui.txt || cp oui.txt.default oui.txt

And change it to:

wget -t 1 http://noc.ws.nsrc.org/downloads/netdot/oui.txt || cp oui.txt.default oui.txt

We also need to fetch a newer copy of the Apache configuration to support Apache 2.4, which is standard in Ubuntu 14.04. We have included this file for you.

$ cd ~/netdot-1.0.6/etc/
$ wget http://noc.ws.nsrc.org/downloads/netdot/netdot_apache24_local.conf
$ mv netdot_apache2_local.conf netdot_apache2_local.conf.old
$ mv netdot_apache24_local.conf netdot_apache2_local.conf

2.5 Install the application and initialize the database.

It's finally time to run the installation!

$ cd ~/netdot-1.0.6/
$ sudo make installdb
$ sudo make install APACHEUSER=www-data APACHEGROUP=www-data
$ sudo ln -s /usr/local/netdot/etc/netdot_apache2_local.conf \
    /etc/apache2/conf-available/netdot.conf
$ sudo a2enconf netdot
$ sudo service apache2 graceful

Install the cron jobs for automated tasks:

$ sudo cp netdot.cron /etc/cron.d/netdot

3 Operation

3.1 Log into the web interface

In your browser, go to:

http://pcX.ws.nsrc.org/netdot

Log in with username: admin and password: admin

3.2 Changing default passwords

Netdot comes with three default user accounts. You should change the default passwords on those.

Go to the "Contacts" tab, then search for "Admin". You should see the details for the Admin user. Click on [edit], and find the Password field. Type the password you used to log in to your PC, then click on the "Update" button.

Repeat the same steps for the other default users:

3.3 Discovering devices

If you have not done so yet, configure SNMP on your PC and your router.

Ask the instructor to provide you with instructions for configuring SNMP on Cisco routers and Linux.

Now back to Netdot. Let's create a file with all the devices in the lab network that respond to SNMP:

$ editor /home/sysadm/discoverme.txt

Copy and paste the following list:

gw.ws.nsrc.org NetManage
s1.ws.nsrc.org NetManage
sw.ws.nsrc.org NetManage
rtr1.ws.nsrc.org NetManage
rtr2.ws.nsrc.org NetManage
rtr3.ws.nsrc.org NetManage
rtr4.ws.nsrc.org NetManage
rtr5.ws.nsrc.org NetManage
rtr6.ws.nsrc.org NetManage
rtr7.ws.nsrc.org NetManage
rtr8.ws.nsrc.org NetManage
rtr9.ws.nsrc.org NetManage
pc1.ws.nsrc.org NetManage
pc2.ws.nsrc.org NetManage
pc3.ws.nsrc.org NetManage
pc4.ws.nsrc.org NetManage
pc5.ws.nsrc.org NetManage
pc6.ws.nsrc.org NetManage
pc7.ws.nsrc.org NetManage
pc8.ws.nsrc.org NetManage
pc9.ws.nsrc.org NetManage
pc10.ws.nsrc.org NetManage
pc11.ws.nsrc.org NetManage
pc12.ws.nsrc.org NetManage
pc13.ws.nsrc.org NetManage
pc14.ws.nsrc.org NetManage
pc15.ws.nsrc.org NetManage
pc16.ws.nsrc.org NetManage
pc17.ws.nsrc.org NetManage
pc18.ws.nsrc.org NetManage
pc19.ws.nsrc.org NetManage
pc20.ws.nsrc.org NetManage
pc21.ws.nsrc.org NetManage
pc22.ws.nsrc.org NetManage
pc23.ws.nsrc.org NetManage
pc24.ws.nsrc.org NetManage
pc25.ws.nsrc.org NetManage
pc26.ws.nsrc.org NetManage
pc27.ws.nsrc.org NetManage
pc28.ws.nsrc.org NetManage
pc29.ws.nsrc.org NetManage
pc30.ws.nsrc.org NetManage
pc31.ws.nsrc.org NetManage
pc32.ws.nsrc.org NetManage
pc33.ws.nsrc.org NetManage
pc34.ws.nsrc.org NetManage
pc35.ws.nsrc.org NetManage
pc36.ws.nsrc.org NetManage

Now, tell Netdot to discover those devices:

$ cd /usr/local/netdot
$ sudo bin/updatedevices.pl -E /home/sysadm/discoverme.txt -IAF

When that is done, go to the web interface and navigate to

Management -> Devices

Leave the search box empty, and click on the "Find" button.

You should see all the discovered devices in that list. Go to the link for your group's router (e.g. rtrX.ws.nsrc.org)

3.4 Finding a computer in your network

Netdot will show you which devices were seeing that MAC address the last time that it discovered the network.

3.5 Managing IP address space

Go to Management -> Address Space

You should see a list of private IP blocks (from RFC-1918). These come pre-installed in Netdot.

Click on 10.0.0.0/8

You will see a list of discovered IP blocks, which are marked as "Subnets". These were found in routers.

3.5.1 Create a container to include all the group subnets

In the section called "Address Space Tasks" on top, click on the "[new]" button and enter the following:

You should now see the new Container page. It shows a graphical representation of the /16 block. All the existing subnets are shown in red. The green space represents unused or available address space.

3.6 Polling devices

Periodically you will want to connect again to your routers and switches to fetch their routing tables, forwarding tables etc. You can run the command which does this:

$ sudo /usr/local/netdot/bin/updatedevices.pl -DIFAT

To avoid having to run this by hand, you can install a crontab which will do it automatically at set times of day. We installed the crontab file in /etc/cron.d previously. If you look in /etc/cron.d/netdot you will see that this command executes once each hour by default.

4 More information

Official Netdot Website