[quagga-users 11306] Re: very newbish question regarding network discovery

Christopher Barry christopher.barry at rackwareinc.com
Sun Jan 10 22:26:14 GMT 2010


On Sun, 2010-01-10 at 15:36 -0500, Christopher Barry wrote:
> On Sun, 2010-01-10 at 12:07 -0800, Kurt Buff wrote:
> > On Sun, Jan 10, 2010 at 11:42, Christopher Barry
> > <christopher.barry at rackwareinc.com> wrote:
> > > Greetings all,
> > >
> > > This is my first post to this group.
> > >
> > > My question is around a use of Quagga, and potentially OSPF that is
> > > likely very non-standard.
> > >
> > > Use Case:
> > > A compute system with multiple interfaces whose attached networks are
> > > not known is temporarily booted with a special Linux image running
> > > (potentially) quagga.
> > >
> > > This Linux image would use OSPF (or some other protocol) to determine
> > > what networks each interface was attached to. Ideally, no IP addresses
> > > would be configured on the system during this process. Scripts would
> > > record this information (e.g. the system interface/attached subnet
> > > pairing) for future understanding about the system's network
> > > connectivity.
> > >
> > > Is this use case even remotely possible? And if so, can anyone here give
> > > me some advice on where to begin to implement such a system?
> > >
> > >
> > > Thanks,
> > > -Christopher
> > 
> > I see four possibilities:
> > 
> > 1) Ask for IP addresses, and see if you can get your data.
> > 
> > 2) Start listening to broadcasts on each NIC, and characterize the subnets
> > 
> > 3) Start sending all ones broadcasts on each NIC and see what replies you get
> > 
> > 4) start blasting MAC addresses to each connection in the hopes of
> > flooding the tables on the connected devices and start looking at the
> > traffic that comes through on each NIC
> > 
> > I don't think you need a routing package for any of that, unless I'm
> > missing something fundamental.
> > 
> > Kurt

=======8<--------------snip----------------
see thread for more interaction about this with Kurt.
(thanks Kurt)

> 
> The ideal situation is: I bring up the image, bring up the interfaces,
> but leave them unconfigured with IP addresses, and some whiz-bang
> protocol queries each interface at the link-level, and figures out which
> subnets are directly connected to each.
> 
> Originally I thought I could use arp for this, but a multi-homed system,
> and routers as well, from what I can gather, will do a form of
> proxy-arp, so they will respond with the directly connected MAC address
> of a host, but with an IP from another local interface. This makes
> isolation essentially impossible.

As stated above, in a prior posting, arp is not a feasible solution for
this use case - I have already tried it.

from the arp-scan user manual located @ 
http://www.nta-monitor.com/wiki/index.php/Arp-scan_User_Guide#Discovering_other_interface_addresses

$ arp-scan --interface=eth0 192.168.1.1 10.0.105.225

192.168.1.1     00:c0:9f:09:b8:db       QUANTA COMPUTER, INC.
10.0.105.225    00:c0:9f:09:b8:db       QUANTA COMPUTER, INC.

So, doing subnet identification via arp is not possible. Attempting to
isolate an IP subnet via arp scans will produce multiple false positives
- to the point that any identification or isolation is simply not
possible. It also requires a certain afore-knowledge of the available
subnets - I would like to avoid this restriction.

> 
> Hence this foray into routing protocols. This may not be a reasonable
> methodology either, but I thought it was worthy of asking all of you
> experts on this list.
> 

Can anyone speak to the behavior of OSPF as a potential discovery
protocol for the above scenario? I have already fully investigated arp,
and found it non-workable for my use case, and while my current
algorithm does somewhat function, it's not without its warts and
burdens, and I'm in search of something better.

Regards,
-Christopher
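
On the OSPF question raised above: an OSPFv2 Hello (RFC 2328) carries the sending interface's network mask, so a listener with no IP address configured can derive the attached subnet from a Hello's source address and that mask. The sketch below is an added example, not part of the original post or of Quagga; the function names and the sample packet are constructed for illustration, and it assumes raw IPv4 packets with the link-layer header already removed and does not verify checksums or OSPF authentication.

```python
import ipaddress
import struct

OSPF_PROTO = 89   # IPv4 protocol number assigned to OSPF
OSPF_HELLO = 1    # OSPF packet type 1 = Hello

def subnet_from_hello(ip_packet: bytes):
    """Return (router_id, area_id, network) from one OSPFv2 Hello, else None."""
    if len(ip_packet) < 20 or ip_packet[0] >> 4 != 4:
        return None
    ihl = (ip_packet[0] & 0x0F) * 4            # IPv4 header length in bytes
    if ihl < 20 or ip_packet[9] != OSPF_PROTO or len(ip_packet) < ihl + 28:
        return None
    version, ptype, _len, rid, area = struct.unpack_from("!BBH4s4s", ip_packet, ihl)
    if version != 2 or ptype != OSPF_HELLO:
        return None
    # The Hello body follows the 24-byte OSPF header; its first field is the mask.
    mask = int.from_bytes(ip_packet[ihl + 24:ihl + 28], "big")
    host_bits = ~mask & 0xFFFFFFFF
    if mask == 0 or host_bits & (host_bits + 1):
        return None                            # unnumbered link or non-contiguous mask
    src = int.from_bytes(ip_packet[12:16], "big")
    network = ipaddress.IPv4Network((src & mask, 32 - host_bits.bit_length()))
    return (str(ipaddress.IPv4Address(rid)), str(ipaddress.IPv4Address(area)), network)

def make_sample_hello(src: str, mask: str) -> bytes:
    """Build a constructed Hello (checksums left at 0) for offline testing."""
    pack = lambda a: ipaddress.IPv4Address(a).packed
    hello = struct.pack("!4sHBBI4s4s", pack(mask), 10, 0x02, 1, 40,
                        pack(src), pack("0.0.0.0"))
    ospf = struct.pack("!BBH4s4sHH8s", 2, OSPF_HELLO, 24 + len(hello),
                       pack(src), pack("0.0.0.0"), 0, 0, bytes(8))
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0xC0, 20 + len(ospf) + len(hello),
                     0, 0, 1, OSPF_PROTO, 0, pack(src), pack("224.0.0.5"))
    return ip + ospf + hello

if __name__ == "__main__":
    # Constructed sample: a router at 192.168.1.1 advertising a /24 mask.
    pkt = make_sample_hello("192.168.1.1", "255.255.255.0")
    print(subnet_from_hello(pkt))
```

A Hello is only seen where an OSPF router is active on the segment, and without OSPF authentication it is unauthenticated input, so record the result as a hint rather than as proof.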






