pf::Switch::Nortel - Object oriented module to access SNMP enabled Nortel switches
The pf::Switch::Nortel module implements an object oriented interface to access SNMP enabled Nortel switches.
Sometimes switches that were previously in a stacked setup will report security violations as if they were still stacked. You will notice security authorization made on wrong ifIndexes. A factory reset / reconfiguration will resolve the situation. We experienced the issue with a BayStack 470 running 3.7.5.13 but we believe it affects other BayStacks and firmwares.
We faced issues where some switches (ie ERS2500) insisted on having a board index of 1 when adding a MAC to the security table although for most other operations the board index was 0. Our attempted fix is to always consider the board index to start with 1 on the operations touching secuirty status (isPortSecurity and authorizeMAC). Be aware of that if you start to see MAC authorization failures and report the problem to us, we might have to do a per firmware or per device implementation instead.
TODO: This list is incomplete
Warning: MIB says 1 is access, 2 is trunk but we've encountered other values.
Set a port as mode access or mode trunk based on ifIndex given.
In what VLAN should a VoIP device be?
How many ifIndex there is per board. It changed with a firmware upgrade so it is encapsulated per switch module.
Default is 64
First board id varies from one BayStack to another based on what seems to be cosmic rays. This method is useful to work-around that problem.
Should return either 0 or 1
We noticed that the security status related OIDs always report their first boardIndex to 1 even though elsewhere it's all referenced as 0. I'm unsure if this is a bug or a feature so we created this hook that will always assume 1 as first board index. To be used by method which read or write to security status related MIBs.
Change VLAN Tag bit on a given ifIndex for all the given VLANs.
Takes an ifIndex, a TRUE/FALSE value (tag or untag), the switch locker to avoid concurrency issues and a list of VLANs.
Removes all the tagged Vlans on a multi-Vlan port. Used for floating network devices.
Tag given VLANs on a given port in a multi-vlan per port config (trunk). Used for floating network devices.
Inverse inc. <info@inverse.ca>
Copyright (C) 2005-2015 Inverse inc.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.