This section describes extended support for Layer 2 devices in NP-View. This support was added in 6.0.1
Note that this feature will be under development for the next few releases as we build out the portfolio of features.
This feature is considered experimental
This feature adds baseline support for Layer 2 visibility.
Supported devices:
In addition to the layer 3 information inferred from ARP and Route tables, NP-View imports MAC and Interface tables to begin to support layer 2 interfaces. This data is automatically collected by the supported device connectors. Route and Interface data is loaded with the configuration file, while the ARP and MAC data can be added independently to views as auxiliary data.
If loading data manually, load only one configuration file at a time and include all auxiliary data on the same import for proper file association.
Layer 2 Capabilities:
Layer 2 connections are represented by a blue dotted line to a gateway.
To see the Layer 2 details, enable the 'Show Layer 2 Connections' from the topology settings.
Once enabled, Layer 2 networks will be displayed as teal clouds. Hosts / endpoints will be displayed as classic hosts.
Endpoints defined from Layer 2 communications will display the MAC Address where Layer 3 hosts will display a hostname or IP address. Only Layer 2 endpoints with and IP address can be considered for verification.
Clicking on the endpoint will display the info panel with the addition of the new VLAN section.
Note that Layer 2 topologies can get very complex very quickly.
Limitations:
There are cases where not all devices have a configuration file (e.g., layer 2 switches) or the configuration file cannot be retrieved.
To fill the void, we created a method to add a network switch to the topology using a manually generated file.
The following is an example of the data that is required. The text file should be a properly formatted YAML ending with .YAML or .YML or it won’t be classified correctly and the import will fail. Note that each manually created switch will use a device license. Be sure to not use special characters within the device name or the interface names. Stick with alphanumeric characters, underscores can be used as shown below.
# This first line must be present, and the identifier must be np_custom_device
file_identifier: np_custom_device
# The name of the device, will be represented as such in the app
device_name: custom_l2_switch
# Vendor string, merely a description of the device
vendor: netgear
# A list of interfaces on the device, you need at least one interface
interfaces:
- name: eth0
mac_addr: 0000:1b2b:fefe
ip: 192.168.1.100
netmask: 255.255.255.0
- name: eth1
mac_addr: 0101:acdc:80ba
ip: 192.168.2.100
netmask: 255.255.255.0 When the above .YAML file is loaded into NP-View, the following device will displayed in NP-View.
With the following interfaces:
When adding one or more Layer 2 switches using the .YAML method, the next logical step is to add endpoints. To manually add endpoints, we have created a method using a complementary .xlsx file called the Common Data Model.
The template for the Common Data Model file is shown below. The columns headers must match the template and row 2 is an optional row.
The rest of the columns in the template are placeholders for future data. While these columns will not be imported, the headers are required. These columns are:
The CDM example above has been exported to a .csv to use as a template.
vLAN ID,Device,Interface Name,Interface MAC,Interface IP,Attached MAC,Attached IP,Description,Conf State,Trunk,Subnet Mask,vLAN Name,IF State
sh run,sh run,sh run,sh mac addr,sh run,,,,,,,,
10,custom_l2_switch,eth0,1900.c6c8.24a8,192.168.1.102,0024.36f3.5121,192.168.1.110,,,,,,
When the .YAML file and the CDM file are loaded at the same time, the following topology is rendered.
The next logical step is to connect the .YAML switch to the rest of the network. To do this, one of the interfaces defined in the .YAML (eth1) file must represent a connection to another firewall, router or switch. The example below is a config for a generic router.
!
! Last update 2025-01-22
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service password-encryption
!
hostname basic_router
!
enable secret 5 *****
!
ip routing
!
no ip bootp server
!
no ip source-route
!
interface Loopback0
ip address 192.168.0.3 255.255.255.255
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
! Repeat this INTERFACE block as needed for each connection,
! incrementing interface number. Note that you do NO need to
! match the remote L2 media type.
interface FastEthernet0/1
description esp
ip address 10.10.1.2 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
!
interface FastEthernet0/2
description link
ip address 10.10.254.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
interface eth1
description link
ip address 192.168.2.110 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
!
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 10.10.1.1
ip route 172.16.1.0 255.255.255.0 10.10.1.1
ip route 172.16.2.0 255.255.255.0 10.10.1.1
ip route 10.10.100.0 255.255.255.0 10.10.254.2
ip route 192.168.100.0 255.255.255.0 10.10.254.2
ip route 172.168.100.0 255.255.255.0 10.10.254.2
ip route 172.168.200.0 255.255.255.0 10.10.254.2
ip route 192.168.2.0 255.255.255.0 10.10.254.2
!
control-plane
!
no ip gratuitous-arps
no ip source routing
!
line con 0
password 7 *****
line aux 0
password 7 *****
!
!
end
Adding the generic router to the topology displays as follows:
