Documentacion GestioIP 32 en

GestióIP IPAM
v3.2
IP address management software
Documentation
v0.5
www.gestioip.net
GestióIP Copyright © Marc Uebel 2015
Documentation GestióIP IPAM v3.2
Table of Contents
1 Introduction......................................................................................................................................6
2 Use....................................................................................................................................................7
2.1 Access.......................................................................................................................................7
2.2 Show networks..........................................................................................................................7
2.2.1 Root networks...................................................................................................................9
2.3 Show hosts..............................................................................................................................11
2.3.1 Host list view..................................................................................................................11
2.3.2 Host overview.................................................................................................................12
2.3.3 Host status view..............................................................................................................13
2.3.4 Host check.......................................................................................................................14
2.4 Search functions......................................................................................................................15
2.4.1 Quick search....................................................................................................................15
2.4.2 Advanced network search...............................................................................................16
2.4.3 Advanced host search......................................................................................................17
2.5 History....................................................................................................................................17
2.6 Audit.......................................................................................................................................17
3 Administration................................................................................................................................20
3.1 Administration of host entries/IP addresses............................................................................20
3.1.1 Insert or edit host entries.................................................................................................20
3.1.2 Delete host entries...........................................................................................................22
3.1.3 Host mass update............................................................................................................22
3.1.3.1 Edit multiple host entries.........................................................................................22
3.1.3.2 Delete multiple host entries.....................................................................................23
3.2 Network administration..........................................................................................................24
3.2.1 New add networks manually........................................................................................24
3.2.1.1 Create one network..................................................................................................24
3.2.1.2 Create multiple networks with same bitmasks........................................................25
3.2.1.3 Create multiple networks with different bitmasks..................................................26
3.2.2 Change/delete networks..................................................................................................27
3.2.2.1 Edit..........................................................................................................................28
3.2.2.2 Reserved ranges.......................................................................................................28
3.2.2.3 Manual update against DNS....................................................................................30
3.2.2.3.1 Generic rDNS entries.......................................................................................30
3.2.2.4 Manual host update via SNMP................................................................................32
3.2.2.5 Split.........................................................................................................................33
3.2.2.6 Clear........................................................................................................................35
3.2.2.7 Delete.......................................................................................................................35
3.2.2.8 Network mass update..............................................................................................35
3.2.2.8.1 Edit multiple network entries..........................................................................35
3.2.2.8.2 Clear multiple networks...................................................................................36
3.2.2.8.3 Delete multiple network entries.......................................................................36
3.2.3 Join networks..................................................................................................................36
3.2.4 Show free ranges.............................................................................................................37
2
3.2.5 Subnet calculator.............................................................................................................38
3.3 VLANs....................................................................................................................................38
3.3.1 show, edit, delete.............................................................................................................39
3.3.2 New.................................................................................................................................39
3.3.3 Unify...............................................................................................................................40
3.3.4 VLAN provider...............................................................................................................41
3.3.4.1 Show VLAN provider.............................................................................................41
3.3.4.2 New VLAN provider...............................................................................................41
3.3.5 Import VLANs via SNMP..............................................................................................42
3.4 Autonomous system management..........................................................................................43
3.4.1 show, edit, delete.............................................................................................................43
3.4.2 new..................................................................................................................................43
3.4.3 show AS clients...............................................................................................................44
3.4.4 new AS client..................................................................................................................44
3.5 Line management....................................................................................................................44
3.5.1 show, edit, delete.............................................................................................................44
3.5.2 new..................................................................................................................................46
3.5.3 show line provider...........................................................................................................47
3.5.4 new line provider............................................................................................................47
3.6 Manage GestióIP (global configuration parameters)..............................................................47
3.6.1 Client independent configuration parameters.................................................................47
3.6.2 Client specific configuration parameters........................................................................49
3.6.2.1 Smallest importable BM..........................................................................................49
3.6.2.2 Ping timeout............................................................................................................49
3.6.2.3 DNS server..............................................................................................................50
3.6.2.4 Manual update.........................................................................................................50
3.6.2.5 Extended support for OCS Inventory NG...............................................................51
3.6.3 Manage audit db..............................................................................................................52
3.6.4 Reset database.................................................................................................................53
3.7 Clients.....................................................................................................................................54
3.7.1 Manage clients................................................................................................................54
3.7.1.1 Add clients...............................................................................................................55
3.7.1.2 Edit clients...............................................................................................................55
3.7.1.3 Delete clients...........................................................................................................56
3.8 Sites and categories.................................................................................................................56
3.8.1 Sites.................................................................................................................................56
3.8.2 Network categories.........................................................................................................57
3.8.3 Host categories................................................................................................................57
3.9 Custom columns.....................................................................................................................58
3.9.1 Predefined custom host columns.....................................................................................58
3.9.2 Predefined custom network columns..............................................................................60
3.9.3 Add columns...................................................................................................................61
3.9.4 Delete columns................................................................................................................61
4 Statistics.....................................................................................................................................62
3
4.1 General overview....................................................................................................................62
4.2 Network/range occupation......................................................................................................63
4.3 Miscellaneous.........................................................................................................................64
5 Database initialization....................................................................................................................64
5.1 Discovery................................................................................................................................64
5.2 Import networks via SNMP....................................................................................................69
5.2.1 Manual import via SNMP...............................................................................................69
5.2.2 Script based network import via SNMP.........................................................................70
5.3 Import from spreadsheet.........................................................................................................70
5.3.1 Import networks from spreadsheets................................................................................71
5.3.2 Import hosts from spreadsheet........................................................................................73
5.3.3 Import VLANs from spreadsheet....................................................................................76
6 Access control................................................................................................................................77
6.1 Authentication.........................................................................................................................77
6.1.1 Default authentication.....................................................................................................77
6.1.1.1 Create new accounts................................................................................................77
6.1.1.2 Change users password...........................................................................................78
6.1.1.3 Delete accounts........................................................................................................78
6.2 Authorization..........................................................................................................................79
6.2.1 Activation........................................................................................................................79
6.2.2 Users................................................................................................................................80
6.2.2.1 Create Users............................................................................................................80
6.2.2.2 Edit Users................................................................................................................81
6.2.2.3 Delete Users............................................................................................................81
6.2.3 User Groups....................................................................................................................81
6.2.3.1 Permissions..............................................................................................................82
6.2.3.2 Create User Groups.................................................................................................84
6.2.3.3 Edit User Groups.....................................................................................................84
6.2.3.4 Delete User Groups.................................................................................................84
6.2.4 User “gipoper” of GestióIP versions <3.2......................................................................85
7 Password Management...................................................................................................................86
7.1 Enabling the password management system..........................................................................86
7.2 Manage device passwords......................................................................................................87
7.2.1 Insert a new device password..........................................................................................87
7.2.2 Show device passwords..................................................................................................87
7.2.3 Edit device passwords.....................................................................................................87
7.2.4 Delete device passwords.................................................................................................87
7.3 Changing the user password...................................................................................................88
7.4 Changing the master key.........................................................................................................88
8 Advanced functions........................................................................................................................89
8.1 Update check...........................................................................................................................89
8.2 Database configuration (ip_config)........................................................................................90
8.3 Export networks, VLANs or hosts to CSV.............................................................................91
4
8.4 Add a new language................................................................................................................92
9 IPv6 Address plan...........................................................................................................................93
9.1 Direct translation.....................................................................................................................94
9.1.1 Create the address plan...................................................................................................95
9.2 Hierarchical IPv6 address plan based on sites and categories................................................96
9.2.1 Create the address plan...................................................................................................97
10 Automatic update........................................................................................................................104
10.1 Script directory structure....................................................................................................105
10.2 Command line options........................................................................................................106
10.3 Configuration......................................................................................................................107
10.4 Automatic execution with cron...........................................................................................110
10.5 Required Perl Modules.......................................................................................................111
10.5.1 Manual installation of missing Perl modules..............................................................112
10.5.1.1 SNMP::Info and Netdisco MIBs.........................................................................113
11 General information....................................................................................................................114
11.1 Backup................................................................................................................................114
11.2 Firewall rules......................................................................................................................114
11.3 JavaScript............................................................................................................................115
11.4 Cookies...............................................................................................................................115
12 Troubleshooting..........................................................................................................................115
12.1 SNMP..................................................................................................................................115
12.1.1 General SNMP problems............................................................................................115
12.1.2 Problems with VLAN discovery.................................................................................117
12.1.3 Problems with network discovery...............................................................................117
12.2 Database..............................................................................................................................118
12.3 Uninstalling GestióIP..........................................................................................................118
13 Licence.......................................................................................................................................119
Appendix A......................................................................................................................................120
5
1 Introduction
GestióIP is an automated, webbased IP address management (IPAM) software. It supports IPv4 as
well as IPv6. The software is designed to collect information in an automated way, making its
maintenance cost low. It offers web forms to import networks from spreadsheets or from the routing
tables of SNMPenabled devices and web based synchronization of the networks against the DNS.
It also allows for cronscheduled automatic update of the host entries via SNMP, against the DNS
or an OCS Inventory NG that ensures that GestióIP's database is always up to date (see 10).
Over 90% of the work with an IPAM system accounts for access to information. GestióIP is
optimized in order to find easily and fast the desired information by featuring effective search
functions which are accessible from every page, allowing the use of InternetSearchEngine
equivalent expressions (see 2.4).
Since the system disposes about customizable columns, GestioIP's network and host list views can
be adapted to meet the specific needs for every organization (see 3.9).
However, it also depends on users. Users can introduce the information in user's field of
responsibility which seems relevant for this user or for their colleagues: The windows admin can
put e.g. comments like PDC domain XYZ, BDC... The database admin can introduce the SIDs...
and the network admin can add a comment like "TFTP" or mark the administrative interfaces of the
firewalls and routers. If this is done, GestióIP can be more than an overview of current networks
and IP addresses. It is a knowledge base for the small things admin must remember every day.
6
2 Use
2.1 Access
Open the following URL to access GestióIP:
http://servername/gestioip
Replace "servername" with the DNS name or the IP address of the web server.
rw default user: gipadmin
ro default user: gipoper
Use the passwords which you introduced during the installation (using command htpasswd).
2.2 Show networks
GestióIP's front page gives an overview of all networks.
Fig. 1: Front Page (network list view)
Click over the corresponding network to list all of it's IP addresses or access directly to
history of this network
7
general information about this network (% usage and subnetcalculator like information)
host overview of this network
Hover over the bitmask (BM) of the networks to display the netmask and the maximal number of
hosts.
Fig. 2: Details shown by hovering over a BM entry
With the filter “IP version” you can choose if IPv4 or IPv6 networks should be displayed
Note
GestióIP default mode is “IPv4 only”. To enable IPv6 support go to “manage”>”GestióIP”, set
parameter “IPv4only mode” to “no” and click “save”.
With the filters "site" and "category" you can list networks by site and/or by category. You can for
instance list all networks from site X, all networks of the production environment or all networks
from site X which are in the production environment.
With the filter “show supernets” and “show endnets” you can determine which type of networks
should be shown ()
Note
Use “network quick search” to locate individual networks. Search e.g. for “150” to find network
192.168.150.0. Or use “network quick search” or to display network ranges. Search e.g. for
“192.168” to display all networks which IP include 192.168 (see 2.4).
2.2.1 Root networks
GestióIP supports to types of networks. Root networks which can contain other networks but no
host entries and end networks which contain the host entries.
8
Root networks are containers for networks permitting to structure organization's networks
hierarchically. Root networks can contain end networks as well as other root networks.
Activate checkbox “show rootnets” to display the root networks within network list view. Root
networks are displayed with a brown background.
Fig. 3: Network list view showing root networks
Clicking over a root networks displays all networks which are included within this range as well as
the free ranges between the defined end networks.
Fig. 4: Root network lis view
9
2.3 Show hosts
GestióIP offers three different views of networks: host list view, host overview and host status view.
2.3.1 Host list view
To list all IP address of a network, open the front page and click over the corresponding network.
Fig. 5: Host list view (standard columns)
Click “free” to show only unassigned or “used” to show only assigned IP addresses.
The colored point in front of the IP addresses shows the result of the last check via “ping” (see 10).
By hovering over the point, date of last check will be displayed. Clicking the point executes the
host check.
host list view offers at the end of each line furthermore links to
access the history of this IP address
edit the entry
delete the entry
and links to the following network manipulation buttons at the top of the page.
edit – to resize bitmask or edit description, site, category, comment or status of automatic
synchronization (see 3.2.2.1)
10
reserved ranges – to reserve or delete reserved IP address ranges (see 3.2.2.2)
manual update – to synchronize the network entries against the DNS (see 3.2.2.3)

manual update via SNMP – to synchronize the networks via SNMP (see 3.2.2.4)
split network – to split network into smaller subnets (see 3.2.2.5)
clear network – delete all entries of the network (entries of reserved ranges will be
maintained) (see 3.2.2.2)
Note
Functions “reserved ranges”, “manual synchronization”, "network overview" and "host status
view" are not available for IPv4 networks with a BM smaller than 20 and IPv6 networks with prefix
length smaller than 120.
2.3.2 Host overview
The host overview gives an overview about the host types of a network.
Fig. 6: Host overview
Access to edit host form by clicking on an IP address.
11
2.3.3 Host status view
Host status view shows the status of all IP addresses of a network in a compact manner.
Fig. 7: Host status view
Execute the host check by clicking on an IP address. To check the status of all addresses of a
network click "check all IPs". Unassigned addresses will be indicated with a blinking number.
2.3.4 Host check
To execute the host check access the relevant network and click over the point in front of the IP
address.
Fig. 8: "Host check" execution from host list view
GestióIP checks the IP address with an ICMP echo request ("ping") and executes a DNS PTR
12
query. When the IP address has an PTR entry, GestióIP executes a DNS A query with the result of
the PTR query.
Fig. 9: Host check window
The host check is also available from host status view and from the edit hostform.
Note
If results of DNS A and PTR query don't correspond make sure that there is no DNS
misconfiguration.
13
2.4 Search functions
GestióIP offers two different search engines. The quick search and the advanced search.
Note
You can export the search result to CSV format by clicking the link “export search result”.
2.4.1 Quick search
The quick search for networks and for hosts in the menu bar are accessible from all pages.
The quick search for networks executes a search in the following database fields: network (IP),
description, site, category, comment and custom network columns.
The quick search for host entries searches the fields IP, hostname, description, site, type, comment
and custom host columns.
The quick search allows Internet Search Engine equivalent expressions like string_to_ignore,
+exact_match and "exact match". A single string will be processed like "%searchstring%". By
using searchstring "192", GestióIP lists all networks with an ID containing "192". With search
string "dhcp", it lists all networks with descriptions or comments containing "dhcp". With search
string “192 prod” it will list all networks of production environment whose ID contains “192”.
The search isn't case sensitive.
Search expression examples:
entry: foo bar
expression result
fo match
FO match
foo match
bar foo match
foo ba match
foo bar no match
+fo no match
+foo match
"bar foo" no match
"foo bar" match
"oo ba" match
14
2.4.2 Advanced network search
The advanced search executes a search in specific database fields.
Fig. 10: Advanced network search
You can search for instance all production networks which are not included within the automatic
synchronization (see 10) or all networks of site xy where the description contains "backup".
When the checkbox "to change/delete networks" is checked, the network manipulation buttons
change, ranges, synchronize, split, clear and delete networks are shown within the search result.
Note
If you have multiple clients configured, there appears the new checkbox “client independent
search” which permits to execute a search through GestioIP's database ignoring to which client the
network belongs. The client will be shown within the search result.
2.4.3 Advanced host search
If the checkbox "exact match" behind the hostname field is checked, only hosts with hostname
entries identical to the search string would be listed. If not, the search string would be processed
like "%search_string%".
Example: search for "foo"
Result without marked checkbox: foo, foo1, foo.bar.com...
Result with marked checkbox: foo
15
2.5 History
The history is available for both, networks and hosts. It lists IP address or network specific events
from the audit db. Access network history from the network list view and host history from host list
view by clicking the icon.
Note
History information is extracted from audit log. Deleting old audit events causes history entries to
also be deleted.
2.6 Audit
The audit system logs all events to GestioIP's database.
To access the audit log click on "manage" > "audit".
Fig. 11: Audit log filter
The audit page offers flexible search and filter functions for all audit fields.
"time range" or "date from ... to" mark the radio button to either show entries of a time
range (e.g. last 4 weeks) or to specify a start and an end date.
"search string" search for an individual search string. Searches all audit specific database fields.
"type" search for a specific event type.
GestióIP recognizes the following event types:
event type description
man manual events launched from GestióIP's web interface
auto event created by the automatic updating of GestióIP v2.2.5 (DNS, OCS, import
16
via SNMP)
man dns manual network synchronization against the DNS (via Web interface)
auto dns automatic network synchronization against the DNS
auto ocs automatic network synchronization against the OCS Inventory NG
man snmp manual import of networks from snmpenabled devices
auto snmp automatic import of networks from snmpenabled devices
man net sheet manual import of networks from spreadsheet
man range Events in relation with ranges (create, delete)
man host sheet manual import of hosts from spreadsheet
red cleared all entries of a network manually deleted
"class": Search for event class
GestióIP recognizes the following event classes:
event class description
host for events related to host entries (e.g. host deleted, host edited, ...)
net for events related to networks (e.g. network added, network split, reserved range
added, network synchronized against DNS, ...)
security for events related to security (e.g. old audit events deleted)
dns unused
admin For changes in GestioIP's configuration
conf automatic network synchronization against the DNS
man_vlan manual events related to to VLANs
vlan_auto automatic update of VLAN database
ini_man Manual execution of discovery process
ini_auto unused
AS For events related to autonomous systems
AS client For events related to autonomous systems clients
line For events related to leased or dialup lines
line client For events related to leased or dialup lines clients
"event": Search for events like (host edited, host deleted, range added, ...)
17
"entries/page": Define the number of found entries per page.
“user”: Can be found using the field “search string”.

The shown user can either be a system user (for AUTO events) or a GestióIP user (for MAN events
created from actions carried out manually via front end Web).
Note
If you configure authentication with individual accounts, audit will show individual users (see 2.6).
When using generic accounts (e.g. gipadmin) it is not possible to directly reproduce who has made
which changes.
Format of entries:
Hosts events: IP, hostname, description, site, category, comment, administrative interface
Network events: IP/bitmask, description, site, category, comment, synchronized
Note
If you have multiple clients configured, there appears the new checkbox “all clients” which
permits to perform a client independent search through GestioIP's database. The client will be
shown within the search result.
Note
To delete old audit events or to see how many events are currently stored in the database, go to
“manage” > "manage GestióIP”
18
3 Administration
3.1 Administration of host entries/IP addresses
To manage host entries/IP addresses, access host list view by clicking on the relevant network.
Fig. 12: Host list view
3.1.1 Insert or edit host entries
Click on the "edit" icon behind the IP address to insert or edit host entries .
Fig. 13: Edit host form with enabled custom columns “vendor”, “model” and “URL”
19
Hostname – Name to identify the node. If a node has more than one interface it is advisable to
introduce the same hostname for all IPs or to introduce the hostname in the comment field of all IPs
of the node – so that the search function finds all IPs of a node when searching for its hostname
mandatory field
Description – Short description of the node optional field
Site – Physical location of the node – mandatory field
Category – Category of the node – optional field
AI (Administrative Interface) – To mark the IP address to access the node (to administrate it) in
case the node has more than one network interface – optional field
Comment – To point out whatever seems to be interesting regarding this node – optional field
UT (Update Type): Relevant for manual synchronization against DNS and automatic update (see
10)
 man – Entries which are marked as "man" will never be overwritten.
 ocs – Entries created by the automatic update against an OCS Inventory NG. Entries
which are marked as "ocs" will not be overwritten by manual or automatic update
against DNS.
 dns For entries created by manual or automatic update against DNS. Entries which are
marked as "dns" will be overwritten by automatic update against DNS and OCS.
 Entries with no update type will be overwritten by manual and automatic update against
DNS and OCS.
Custom columns
With configured predefined or self defined columns there appear textboxes for every of these
columns, permitting to edit the value (see 3.9).
Note
To prevent an entry from being overwritten by the automatic update, it must be classified as
"man".
3.1.2 Delete host entries
Click “delete" to drop host entries from GestióIP's database.
20
3.1.3 Host mass update
Host mass update feature offers the possibility to perform actions on multiple host entries at once.
It allows to edit one or multiple host column entries or to delete multiple host entries.
3.1.3.1 Edit multiple host entries
To edit multiple host entries access to host list view, mark the corresponding checkboxes in front of
the host entries to edit, select action type “edit”, select the columns to edit and press “mass update”
Fig. 14: Edit multiple host entries
Edit the values and press “change” to save them to the database.
Fig. 15: Edit multiple host entries form
21
Note
If a entry without assigned host is edited, the hostname will be automatically set to “unknown”
Note for custom column “URL”
Custom column “URL” allows to use variables for the IPaddresses and for the hostnames (see
3.9.1).
If the “URL” entry is equal for all selected host, the entry will be proposed as URLvalue when
entering multiplehostentriesform.
3.1.3.2 Delete multiple host entries
To delete multiple host entries access to host list view, mark the corresponding checkboxes in front
of the host entries to delete, select action type “delete” and press “change”.
22
3.2 Network administration
GestióIP offers several tools to create, delete or manipulate networks.
3.2.1 New add networks manually
To add a new networks manually, click “networks” > "new" on the menu bar.
The new form offers the possibility to create one network, multiple consecutive networks with the
same bitmasks or multiple consecutive networks with different bitmasks.
3.2.1.1 Create one network

Fig. 16: "new network" form create on network
network – ID of the network. e.g.: 192.168.0.0 – mandatory field
BM (bitmask) – Bitmask of the network – mandatory field
description – Short description of the network – mandatory field
comment Optional comment
site – Where is the network “physically” located? When the site of the network is changed (or
renamed), site of the host entries of the network will be changed as well – mandatory field
23
category To categorize the network in e.g. production, preproduction, development – mandatory
field
root network – check this box if the new network should be a root network
include network within automatic update – To include the network within the automatic update
(see 10) only available for endnets optional field
Click on the “calculate“ link to check whether network and bitmask are correctly introduced.
3.2.1.2 Create multiple networks with same bitmasks
With the create multiple networks form it is possible to create up to 50 consecutive new networks in
one step. Enter the network ID (e.g. 172.16.0.0), choose a bitmask and choose the number of
networks to create.
Fig. 17: "new network" form – create muliple networks with same BMs
3.2.1.3 Create multiple networks with different bitmasks
With this form you can create multiple networks with different bitmasks.
Introduce the bitmasks in the following format: /BM1/BM2[/BMn].
24
Fig. 18: "new network" form – create new networks with different BMs
Example
To create networks 4.4.1.0/25, 4.4.1.128/27, 4.4.1.160/27, 4.4.1.192/26 in one step, introduce the
following values:
first network: 4.4.1.0
bitmasks: /25/27/27/26
Note
"show free ranges" view offers the possibility to create new networks directly by clicking a free
range.
3.2.2 Change/delete networks
Click “networks” → "change/delete" on the menu bar to access the network manipulation form.
Fig. 19: "change/delete" network form
25
The change/delete form offers the following functions:
Edit – To resize bitmask or edit description, site, category, comment or status of automatic
synchronization (see 3.2.2.1)
Reserved ranges – To reserve or delete reserved IP address ranges (see 3.2.2.2)
Manual synchronization via DNS – To update the network entries against the DNS (see
3.2.2.3)
Manual synchronization via SNMP – To update the network entries via SNMP (see
3.2.2.4)
Split network – To split network into smaller subnets (see 3.2.2.5)
Clear network – Delete all entries of the network (entries of reserved ranges will be
maintained) (see 3.2.2.2)
Delete network – Delete network with all entries and reserved ranges (see 3.2.2.7)
3.2.2.1 Edit
Click "networks" > "change/delete/" > “edit” to resize the bitmask or to edit description, site,
category, comment, sync (synchronization) or custom columns values.
Fig. 20: "edit network" form with enabled custom column “VLANs”
26
For a description of the fields see 3.2.1.
Clicking on the IP address executes the host check.
3.2.2.2 Reserved ranges
GestióIP offers the possibility to reserve ranges for special usage (e.g. for DHCP). This option is
only for IPv4 networks available.
Creating a reserved range, GestióIP adds a comment to the corresponding network and to the hosts
that are included in the range. The host type of the IP addresses of the reserved range is
predetermined (but changeable). This means that automatic update sets host type automatically
when creating new host entries within reserved ranges (e.g. range type: “workst (DHCP) => host
type: “workst”).
Click “networks” > “change/delete” > “ranges” to access range manipulation form.
Note
Host overview shows IP addresses of reserved ranges with a gray background.
Insert ranges
Mark the first and the last IP address of the range you want to add, insert a short descriptive
comment and mark the “range type” (host types of the reserved range). Then click “add” to create
the new range.
Fig. 21: "new range" form
27
Note
If you set configuration parameter “dyn_ranges_only” to “yes” (see 10.3), automatic update will
only process entries of reserved ranges.
Note
When creating a reserved range, all entries between "First IP" and "Last IP" will be deleted.
Delete ranges
To delete a reserved range access to the range manipulation form, choose the range you want to
delete and press "delete" button. This will delete the range with all of its entries from GestioIP's
database.
Fig. 22: "delete range" form
Note
When splitting networks with reserved ranges, the ranges and all of their entries will be dropped.
3.2.2.3 Manual update against DNS
The function "sync" (network synchronization against DNS) is intended to update all IP
addresses of a network with the actual DNS entries. The network synchronization executes an
ICMP echo request (ping) to all IP addresses and an rDNS query of all IP addresses of the network.
The decision if and how an entry is updated follows the following scheme:
Answers to ping? rDNS entry Match ignore or Update? Hostname set to

configured? ignore_generic_auto?
Yes Yes Yes Yes unknown
Yes Yes No Yes rDNS name
Yes No Yes unknown
28
No Yes Yes No
No Yes No Yes rDNS name
No No No
Note
Update type “ocs” or “man” avoids that manual synchronization updates these entries (see 3.1.1).
Note
To prevent that the networks being filled with generic rDNS entries read 3.2.2.3.1.
3.2.2.3.1 Generic rDNS entries
Generic rDNS (PTR) entries are often used in relation with dynamic assigned IP addresses or to
prevent network reverse discovery. With configured rDNS entries you will get a valid answer to
rDNS queries for all addresses of a network (but without useful information content). Generic rDNS
entries may look like this:
1245.domain.org
2245.domain.org
3245.domain.org
....
GestióIP's update functions (AUTO and MAN) update unassigned addresses when they receive a
valid answer to an rDNS query. This causes the database to be filled with (undesired) rDNS entries.
GestióIP offers two mechanisms to prevent the update from actualizing the network with generic
rDNS entries (like 10245.domain.org):
ignore generic auto: Set this value to "yes" if the update script should ignore DNS entries that
match “auto generated generic rDNS strings” and that does not respond to “ping”.
Example:
IP address auto generated generic rDNS string (generated by GestióIP)
192.168.200.8 192168200
200168192
1682008
8200192
29
With ignore generic auto set to "yes" the “auto generated generic rDNS string” matches if your
rDNS entries look like
19216820015.some_string or 15200168192.abc.de.fg
IP addresses with rDNS entries that match “auto generated generic rDNS strings” but don’t answer
to “ping” will be ignored. If the address answers to “ping” and matches “auto generated generic
rDNS strings”, the hostname is set to “unknown”.
ignore: If you use a scheme for rDNS entries other than the schemes supported by GestióIP, the
strings to be ignored can be set here manually. The field accepts a single string or a comma
separated list of strings to ignore.
Example:
To avoid that a network is filled with generic PTR entries like 10.200.168.192.domain.org and
55.0.16.172.domain.org set the "ignore" variable to:
200.168.192,0.16.172
Make sure that the string to ignore is specific for your rDNS entries. If you set ignore in the
example above to "domain", the generic rDNS entries will be ignored but entries such as
"host.domain.org" ("good entries") will be ignored as well.
Note
Configure ignore and ignore generic auto global configuration parameters from manage GestióIP
form (see 3.6).
30
3.2.2.4 Manual host update via SNMP
The manual host update via SNMP offers the option to update the host entries of a network by
querying all IPs via SNMP. Click to access to manual update form.
Manual update via SNMP will try to connect to every IP address of the network and actualize host
information with found values.
Fig. 23: Manual update via SNMP form
Insert a community name (SNMPv1/2c) or a username (SNMPv3), choose SNMP version and click
“discover” to start the update process.
Note
Execution of manual host update via SNMP may take some minutes.
Note
Host update via SNMP actualizes predefined host columns, too (see 3.9).
Note
GestióIP currently supports only SNMPv3 with the Security Level 'noAuthNoPriv'.
3.2.2.5 Split
The split network form offers the possibility to split a network either into smaller networks with the
same bitmasks or into smaller networks with different bitmasks.
Click “networks” > “change/delete” > "split" to access the “split network” form.
31
Fig. 24: "split network" form
To split networks into smaller networks with the same bitmask select the new bitmask and click
“send”.
To split networks into smaller networks with different bitmasks insert a “/” (slash)separated list of
the bitmasks of the new subnets in the “bitmasks” field (/bitmask1/bitmask2[/bitmaskN]) and click
“send”.
Example
If you want to split network 172.16.5.0/24 into the networks
172.16.5.0/25
172.16.5.128/26
172.16.5.192/26
introduce /25/26/26 into the “bitmasks” field.
When the "bitmasks" are correctly introduced, a list of the new subnets is shown. If the list is
correct, introduce description; choose sites and categories for the new networks and press "send" to
split the original network into the new subnets. If the bitmasks are incorrectly introduced, a detailed
error notification will be displayed.
32
Fig. 25: Confirm split network
If the new networks don’t include the entire original network, a warning will be displayed. By
clicking “send” the new networks will be created and the hosts of the original network that are not
included within the new ranges will be dropped.
Note
Splitting a network causes all reserved ranges of this network to be dropped.
3.2.2.6 Clear
Click “networks” > “change/delete” > "clear" to delete all entries of a network.
3.2.2.7 Delete
Click “networks” > “change/delete” > "delete" to delete the network with all of its entries and
reserved ranges from GestióIP's database.
3.2.2.8 Network mass update
Networks mass update feature offers the possibility to perform actions on multiple network entries
33
at once.
It allows to edit one or multiple network column entries, to clear networks (delete all host entries)
and to delete multiple networks.
Go to “network” → “change/delete” to access to network mass update form.
3.2.2.8.1 Edit multiple network entries
To edit multiple networks mark the checkbox in front of the networks to edit, select “edit” from
action select box, select the columns to edit and press “mass update”.
Fig. 26: Network mass update
Edit/select the new values and press “change” to save them to the database.
Fig. 27: Network mass update edit form
3.2.2.8.2 Clear multiple networks
To delete the host entries of multiple networks mark the checkbox in front of the corresponding
networks, select action type “clear” and press “change”.
34
3.2.2.8.3 Delete multiple network entries
To delete multiple networks and all of their host entries mark the checkbox in front of the
corresponding networks, select action type “delete” and press “change”.
3.2.3 Join networks
To join networks click “networks” > “change/delete” > "join" on the menu bar.
Mark two networks that you wish to join and press ENTER or click "join" at the bottom of the page.
Fig. 28: Join networks form
The networks do not need to be consecutive. GestióIP suggests one way to join the networks. The
suggestion can be accepted or the new network can be introduced manually. In case it is not
possible to join the networks directly, GestióIP offers the possibility to introduce the new network
manually.
Format of network for manual introduction: network/bitmask e.g. 192.168.0.0/24
Fig. 29: Confirm join networks
35
3.2.4 Show free ranges
For an overview of the unused spaces between the existing networks click “networks” > "show free
rages" on the menu bar. Click on the unused space to create one or multiple networks directly from
the unused space.
Fig. 30: Free ranges
3.2.5 Subnet calculator
GestióIP's subnet calculator supports both classful and classless networks.
Click “networks” > "subnet calculator" on the menu bar to open the subnet calculator window.
Fig. 31: Integrated subnet calculator
36
Note
The subnet calculator accepts IPs in integer format, too.
Note
The subnet calculater is also available as online version: http://www.gestioip.net/cgi
bin/subnet_calculator.cgi
3.3 VLANs
GestióIP incorporates an automated VLAN management system integrating the possibility to import
VLANs easily from network devices via SNMP.
The predefined network column “VLANs” is aimed to associate VLANs to specific networks. With
configurated VLAN column, VLAN information will be shown within network list view (see 3.9).
3.3.1 show, edit, delete
Access to VLAN list view ("VLANs" > "show") to show, edit or delete VLANs.
Fig. 32: Show VLANs
Click over the symbol to open the VLAN search form.
37
VLAN list view features the following columns
number VLAN number (mandatory).
name VLAN name (mandatory).
description A description for the VLAN (optional).
provider There might be VLANs with different Internet Service Providers (ISPs) contracted. This
column allows to specify an Internet Service Provider (optional).
devices This column lists the network devices where the VLAN was found by VLAN discovery.
Hovering over the IP address displays the device name. This field can not be edited manually.
unified VLANs To associate same VLANs which appears in different devices with different
names ( e.g. VLAN 1 may have the name "default" on one and "default_vlan" on another device)
(see 3.3.3).
3.3.2 New
Click over "VLANs" > "new" to introduce new VLANs manually.
Fig. 33: “New VLAN” form
3.3.3 Unify
Unify VLANs is aimed to associate same VLANs which appear in different devices with different
names, so that they appear like one VLAN in GestióIP's database.
Because VLAN name is configured manually by network administrators, same VLANs may appear
in different devices with different names ( e.g. VLAN 1 may have the name "default" on one and
"default_vlan" on another device). Automatic VLAN importation will import that kind of VLANs
like different VLANs. That causes that this VLANs will appear like two VLANs in VLAN list view.
With unify option it's possible to associate this VLANs so that they appear like one VLAN in
38
GestioIP's VLAN list view.
Click "VLANs" > "unify" to access VLAN unify form. There appear only VLANs with same
number but different names. Mark two or more VLANs with same numbers that should be unified
and click "unify" at the bottom of the VLAN list.
Fig. 34: Unify VLANs form
Select the name that should appear for the unified VLAN and click "send" to unify the VLANs.
Fig. 35: Unify VLANs form
3.3.4 VLAN provider
An organization may have VLANs with ISPs contracted. Option VLAN provider is intended to
associate this VLANs with an ISP.
3.3.4.1 Show VLAN provider
Click "VLANs" > "show VLAN providers" to list, edit or delete VLAN providers.
39
3.3.4.2 New VLAN provider
Click "VLANs" > "new VLAN providers" to access new VLAN provider form
Fig. 36: Add VLAN provider form
To add a new provider introduce a name and an optional comment and click "add".
3.3.5 Import VLANs via SNMP
Click “import/export” > “import VLANs via SNMP” to access to VLAN importation form.
Fig. 37: Import VLANs form
Import VLANs function can be lanced against one device by introducing an IP Address (textfiled
“node”) or against multiple devices which are classified like “L2 device” or “L3 device” by making
them in the “Layer II devices” or “Layer III devices” selectbox.
40
Note
If there are no devices classified with host type L2 or L3 device, there appears the note "No layer
II/III devices defined" . To change the host type of a device go to "show networks", access to the
corresponding network and click device "edit host" button.
Note
Column "switches" of VLAN overview will only be updated if discovery is lanced against a device
from Layer II or Layer III devices select box.
Note
VLAN discovery is base on the Perl Module SNMP::Info (see 10.5.1.1). VLAN discovery works only
with devices supported by SNMP::Info. Consult the device compatibility matrix to verify if your
devices are supported (http://netdisco.org/DeviceMatrix.html). If the device is not supported or if it
is not possible to connect to the device, GestióIP will display the message “CAN NOT CONNECT”.

3.4 Autonomous system management
GestióIP features a simple management system for autonomous systems. To use this feature you
need to enable “autonomous system support” from “manage”>”gestioip” (see 3.6.1). This feature is
thought to be use by Internet service providers (ISP).
Access to autonomous systems list view to show, edit or delete AS ("AS" > "show").
Fig. 38: “Autonomous system list view ”
Click over the symbol to open the AS search form.
AS number AS number (mandatory).
description A description for the AS (optional).
AS client – The client to which the AS is assigned to (optional).
AS client type – The type of client to which the AS is assigned to (optional).
comment – A optional comment.
41
Click to edit the AS
Click to delete the AS from GestióIP's database
3.4.2 new
Click over "AS" > "new" to introduce new AS manually.
Fig. 39: “New autonomous system” form
3.4.3 show AS clients
Autonomous system clients allow to specify to which client an autonomous system is assigned to.
Access to AS client list view to show, edit or delete AS clients.
3.4.4 new AS client
To introduce a new AS client click over “AS” → “new AS client”.
3.5 Line management
GestióIP features a management system for leased and dialup lines. To use this feature you need to
enable “line support” from “manage”>”gestioip” (see 3.5)
Access to least line list view to show, edit or delete the leased lines ("lines" > "show").
42
Fig. 40: “Lines list view ”
Click over the symbol to open the AS search form.
provider – ISP from which the line is contracted
type type of the dialup line (e.g. leased or dialup)
service – service (e.g T1,T3,... for leased or ADSL, SDSL, ISDN, … for dialup)
description – an optional description
phone number – phone number provided by the IPS (for dialup lines)
ad number – Administrativ number assigned by the ISP
site – the site where dialup line ends
room – the room where the dialup line ends
connected device – device which is connected to the leased line (e.g. manufacturer, model)
comment – any kind of comments
3.5.2 new
Click over "lines" > "new" to introduce new leased or dialup lines manually.
Fig. 41: “New line form”
43
3.5.3 show line provider
Line provider allow to specify from which provider a leased or dialup line is contracted.
3.5.4 new line provider
To introduce a new line provider click over “line” → “new line client”.
3.6 Manage GestióIP (global configuration parameters)
GestióIP's configuration is divided in four sections:
• Client independent configuration parameters
• Client specific configuration parameters
• Delete audit events
• Reset database/delete networks
To configure global configuration parameters or to delete old audit events from the database click
“manage” > "manage GestióIP" from the menu bar.
3.6.1 Client independent configuration parameters
default client Client to display when accessing to GestióIP.
IPv4 only mod To enable IPv6 support set this parameter to “no”. With enabled IPv6 support
there will appear new IPv6 related elements within many forms allowing e.g. to import/export,
discover and manage IPv6 networks and hosts.
Autonomous system support – Set this parameter to “yes” to enable the autonomous system (AS)
management system. With enabled AS support there appear a new item “AS” within the menu bar
allowing to access to the AS relevant forms (see 3.4).
Lines support Set this parameter to “yes” to enable the leased and dialup line management
system. With enabled line support there appear a new item “lines” within the menu bar allowing to
access to the Least line management relevant forms (see 3.5).
ask for confirmation If this parameter is set to “yes”, there will be a confirmation window
display when executing “critical” actions like clear network or delete network.
44
MIB directory Directory where Netdisco MIBs are stored (see 10.5.1.1).
Vendor specific MIBs Manufacturer specific directories. This parameter should be only be edited
after updating to a newer version of Netdisco MIBs.
show only networks within rootnets (freerangesview): Set this option to “yes” to prevent that
networks, which are not within the range of a rootnet, are shown in the freerangesview. Uncheck
“collapse rootnets” in freeranges view when using this option.
For information how to configure the “Network Configuration Backup and Management Module”
have a look at it's user guide (http://www.gestioip.net/documentation_gestioip_en.html).
After changing the parameters click “set” to save the new values.
Fig. 42: Client independent configuration parameters
45
Note
After enabling “AS” or “line” support by clicking “set”, the new menu elements “AS”
(autonomous systems) and “lines” will not appear instantly. They will appear after clicking the
next time over any link.
3.6.2 Client specific configuration parameters
With the client specific configuration parameters it's possible to influence GestióIP's comportment.
3.6.2.1 Smallest importable BM
smallest importable BM – IPv4 networks with a bitmask smaller than this parameter will not be
imported.
Example
If GestióIP's SNMP based discovery mechanism imports the network 192.168.0.0/16 from a router,
all other networks within this range (e.g. 192.168.0.0/24, 192.168.1.0/24, …) which are found later
would be ignored because they are “overlapping” with the network 192.168.0.0/16. To avoid that
networks with a bitmask of /16 will be imported set this parameter to a value >= 17.
Note
This parameter has changed from older version. In versions before GestióIP v3.0, networks with a
bitmask < the value of “smallest importable BM” where not presentable in the host views. GestióIP
v3.0 has eliminated this limit and allows now to list IPv4 networks with any kind of bitmask.
Note
This parameter ins not relevant forIPv6 discovery. All IPv6 networks with a prefix length smaller
than 64 will be automatically classified as “rootnetwork” and because of this, this networks will
not cause “overlapping” errors.
3.6.2.2 Ping timeout
"ping" timeout – GestióIP works with Net::Ping::External Perl module. Because the module
ignores timeout argument under Linux, host check and update against DNS work with the default
timeout of 10s. Patch Net::Ping::External Perl module to make the functions which use "ping" faster
(with a timeout of 2 seconds it would be 5x faster).
See http://www.gestioip.net/docu/Ping_External_Timeout_Problem.txt for instructions on how to
46
patch it.
3.6.2.3 DNS server
The following parameters are related to the DNS servers to use for the actual client:
use default resolver Check this radiobutton if DNS queries for this client should be lanced
against the default DNS server (specified in /etc/resolv.conf) (default)
specify DNS server Check this radiobutton if DNS queries for this client should be lanced
against custom DNS servers (host check, update against DNS, update via SNMP).
DNS server IIII Specify here the DNS Server to query in the case that “specify DNS server”
radio button is checked.
Note
GestióIP v3.0 does not support signed DNS zone transfers (TSIG). This will be implemented in next
version v.3.1.
3.6.2.4 Manual update
The following parameters are related to manual update:
ignore String that match generic rDNS entries in the case that your generic rDNS entries don't
match "generic auto PTR entries" (see ignore generic auto). This option allowes the update process
to recognize generic rDNS entries. Example: rDNS entry: dhcp2.3.5.2.gestioip.net > ignore: dhcp
ignore generic auto Set this value to "yes" if the update script should ignore rDNS entries which
follow the “genericauto” scheme. Example: IP: 1.2.3.4 > “generic auto” PTR entries generated by
GestióIP: 432 and 234 (default: yes).
See 3.2.2.3.1 for more information about ignore and ignore generic auto variables
ignore DNS – With this option set to “yes” the update against DNS will use ping only to decide if a
host should be added to the database. rDNS entries will be ignored.
genericdynamic name Set here generic names that match the hostnames associated by an DHCP
server. If an IP address has an entry in the database that match genericdynamic name and does not
respond to “ping” it would be deleted. If you use both update against DNS and update against OCS
Inventory NG, this parameter also avoids actualization created by update against OCS that match
“genericdynamic name” from being overwritten by update against DNS (in the case that
synchronization against OCS's configuration value "set_update_type_to_ocs" is set to "no")
47
Example: If your dynamically assigned names look like PC001, PC002, LAP001, LAP002 set
genericdynamic name to “PC,LAP”.
(coma separated list, case sensitive).
max number parallel processes Maximum number of parallel processes to fork when updating
networks (each process executes a “ping” to, and a DNS A and PTR query of one IP address).
Increasing this value reduces execution time but increases CPU load; decreasing the value increases
execution time but reduces CPU load.
(If the machine that runs GestióIP isn't too occupied, a value of 254 shouldn't be a problem).
After changing the parameters click “set” to save the new values.
Note
High values of max number parallel processes may also cause peaks of the CPU load of the DNS
server.
3.6.2.5 Extended support for OCS Inventory NG
With enabled OCS support there will the new button behind every entry within host list view
be displayed, allowing to fetch directly the information for this IP from an OCS Inventory NG.
48
Fig. 43: Host information fetched from an OCS Inventory NG
Click link “update entry” to update the defined host columns with the information found in the OCS
database.
To enable OCS support set parameter “enable OCS support” to yes and click “save”. After enabling
OCS support there will be new form element to configure the parameter for the OCS displayed. Edit
the parameters and click “save” to save the configuration.
The following parameters are related to OCS Inventory NG support:
enable OCS support set this parameter to yes to enable OCS support. This parameter is only
related to the frontend web and does not affect the automatic update against OCS.
OCS DB name name of OCS database
OCS DB user name of OCS database user
OCS DB password OCS database password
OCS DB IP address IP address of the OCS database server
OCS DB port Port where the OCS databse is listening (default: 3306)
3.6.3 Manage audit db
Audit database will grow with time.
You can delete events created by
automatic update against DNS,
SNMP or OCS (AUTO events) or
events created by actions made via
GestióIPs frontend Web (MAN
events) independently (see 2.6).
49
Fig. 44: Manage audit db
To delete old audit events:
• Choose a time from which the events should be deleted.
• Select if either only events for the actual client or the events for all clients should be deleted.
• Mark check box “keep networks events” if network specific events should be kept.
• Click “delete” to delete the audit events.
Note
With older versions of Mysql “DB total size” may not be displayed.
Note
History information for networks and hosts is extracted from audit log. Deleting old audit events
causes history entries to also be deleted.
3.6.4 Reset database
Resetting the database causes that all networks and hosts of the selected IP version will be deleted
for the actual client. If both, IPv4 and IPv6 is selected, VLANs will also be deleted from GestióIPs
database.
50
3.7 Clients
GestioIP permits to manage different clients with independent networks and VLANs. If there is
more than one client defined, there appears a new select box in the menu bar indicating the actual
client.
Fig. 45: Choose client select box
To change actual client choose the new client from client select box and click refresh
button
Fig. 46: Change actual client refresh button
Note
Client option can be also used to subdivide a complex network infrastructure into sections. You
may create "clients" like "offrange" for your official networks, "privrange" for your privat
networks,... In the case you that discover a infrastructure that is subdivide into sections via the
"client" option, the network devices may hold official and private networks in it's routing tables.
That means that you need to specify the networks which should be imported to make sure, that only
the networks for this "client" will be imported. Specify the first octets of the Networks which should
be imported for this "client" with the option "Process only IPv4/6 networks beginning with" within
the import forms ("discovery" (see 5.1)), "import networks via SNMP" (see 5.2.1) and script
"get_networks_snmp.pl" (see 5.2.2)).
3.7.1 Manage clients
Manage clients form offers the following options:
• list client details
51
• add clients
• edit clients
• delete clients
Click "manage" > "clients" to access to manage clients form.
3.7.1.1 Add clients
When creating the first client, all existing networks, VLANs and sites will be associated with this
client. Because sites are managed client independently you have to insert at least one site for every
new client (text field “sites”) . Multiple sites must be introduced in form of a comma separated list.
Note
You can change sites from "manage" > "sites and categories".
To add the new client complete add client form and click "add". The new client will now appear in
client select box in the menu.
3.7.1.2 Edit clients
Click "manage" > "clients" to access to edit client form. Choose the client you want to edit and
click edit button .
Fig. 47: Edit clients form
Click
"update" at the bottom of the edit client form to save the changes.
52
3.7.1.3 Delete clients
To delete a client choose the client to delete from delete client form an click "delete".
Fig. 48: Delete clients form
Deleting a client causes that all information specific to this client will be deleted (networks, hosts,
sites, audit events).
3.8 Sites and categories
To introduce, rename or delete sites, host categories or network categories, open "manage" >
"sites and categories" on the menu bar.
3.8.1 Sites
GestioIP's sites are indented to associate a physical location (e.g. a data center) within the networks
and hosts.
Note
Sites for network and host are independently configurable. If you have networks that are distributed
over different sites (e.g. A and B) you can create an additional site A_B, assign this new site to the
53
network and assign site A or B individually to the hosts.
Note
With multiple clients configured there will only the sites of the actual client be displayed.
3.8.2 Network categories
During installation GestióIP proposes the following networks categories:
Prod – For networks of the production environment
Pre – For networks of preproduction environment
Test – For networks of test environment
Dev – For networks of development environment
Devtest – For networks of developmenttest environment
Corp – For corporate networks (e.g. with PC of endusers, printers,...)
other – For all other networks
3.8.3 Host categories
GestióIP comes with the following host categories:
L2 device devices that work in layer 2 (e.g. hubs or switches)
L3 device devices that work in layer 3 (e.g. multilayerswitches or router)
FW firewalls
DB for database servers
server any kind of server
workstation workstations
wifi wireless devices
VoIP VoIP phones
printer printers
54
other all other types of devices
Note
Self defined host categories appear in network overview with the "other" symbol.
Note
Default host categories can't be deleted nor renamed.
3.9 Custom columns
GestióIP offers the possibility to define custom columns to be shown in network list view (network
columns) or in host list view (host columns) making it adaptable to organization specific needs.
Fig. 49: Network list view with predefined host columns updated by SNMP discovery
Click "manage" > "custom columns" to define new or to delete columns for networks and hosts.
GestióIP features two types of custom columns: Predefined and self defined columns. Predefined
host columns will be updated by SNMP discovery mechanisms, self defined columns not.
3.9.1 Predefined custom host columns
Predefined custom host columns will be processed by SNMP based discovery mechanisms. For this
reason it's preferable to use predefined columns if available instead of self defined columns.
GestióIP offers the following predefined host columns:
vendor manufacturer (will be displayed with an icon). GestióIP distinguishes actually between
more than 140 manufactures (vendors) which will automatically be recognized by SNMP discovery
functions (see Appendix A for a complete list of the manufacturers)
model model
contact contact (OID system.sysContact)
55
serial serial number
MAC MAC address
OS operating system (will be displayed with an icon). GestióIP distinguishes actually between 22
operating systems which will automatically be recognized by SNMP discover functions (see
Appendix A for a complete list of the operating systems)
device_descr description (OID system.sysDescr.)
device_name hostname (OID system.sysName)
device_loc location (OID system.sysLocation)
URL – external link (will be displayed with an icon). This column allows to configure links to
external web pages as well as to open remote sessions against the host (e.g. ssh, telnet, rdesktop
(rdp), vnc, …). Specify the link in the following format: SERVICE::URL[,SERVICE1::URL1]
Example:
With the following URL entry
mrtg::http://mrtg_server/mrtg/server_192.168.7.1.rrd,ssh::ssh//192.168.7.1,VNC::vnc://192.168.7.
1
URLcolumn will displayed as shown in Fig. 50
Fig. 50: Custom host column “URL”
Custom column “URL” allows to use variables (actually two variables). This is useful in
conjunction with mass update feature (see 3.2.2.8) which gives the possibility to edit multiple
networks at once.
Variable Replaced by
[[IP]] IP address of the host
[[HOSTNAME]] “hostname” entry of the host
Example:
Entry: 192.168.0.10 jupiter description Lond I …
Entry with variable Displayed entry
telnet::telnet://[[IP]] telnet::telnet://192.168.0.10
telnet::telnet://[[HOSTNAME]] telnet::telnet://jupiter
56
telnet::telnet://[[HOSTNAME]].domain.org telnet::telnet://jupiter.domain.org
mrtg::http://mrtg_server/mrtg/server_[[IP]].rrd mrtg::http://mrtg_server/mrtg/server_192.168.0.10.rrd
Note
Not all browser support the format “service://...” for all services.
Note for Firefox users
If you get the error message like “Firefox doesn't know how to open this address, because the
protocol (rdp) isn't associated with any program” open a new Firefox window, type about:config
into the URLfield, click right mouse button → add → new → Boolean, insert the value
“network.protocolhandler.expose.rdp” → false.
When clicking next time over the link, Firefox will ask with which application it should open the
link.
Rack – identificator of the rack where the device is mounted physically
RU – rack unit where the device is mounted physically
switch – network node where the device is connected to. This columns might be processed in a
futur version of GestióIP by network discovery
port – port of the network node where the device is connected to. This columns might be processed
in a futur version of GestióIP by network discovery
linked IP – Allows to associate an IP with one IP or a list of other IP addresses (for example to
associate an internal IP with it's VIP address). Configuring a linked IP for an IP will automatically
create a linked IP entry for the associated IP, too.
Note
Predefined as well as self defined custom columns will be processed by network and host quick
search.
Note
Predefined network column "VLAN" and predefined host columns “MAC”,” Rack”,”switch” and
“port” will not be updated by SNMP based discovery.
Note
If you have multiple clients defined there appears a radio button which let you choose to either add
columns for all or only for the actual client.
3.9.2 Predefined custom network columns
GestióIP disposes about the following predefined custom network columns:
VLAN VLAN column is aimed to associate VLANs with networks to be shown in network list
view.
57
Fav – To mark networks as favorite networks. Activating the Fav column will add the favorite
button ( ) to networklistview to easily list the favorite networks.
VRF – To indicate the VRF name for networks within VRFs.
3.9.3 Add columns
With add columns function you can define new columns to be shown in network or host list view.
Fig. 51: Add host columns form
Choose if the column should either be shown for all or only for actual client and click “add”.
3.9.4 Delete columns
Choose the column which should be deleted and click “delete”.
Fig. 52: Delete columns form
Note
The “delete column form” will only be displayed if there are custom columns defined.
Note
Deleting a column causes that all entries of this column will be deleted from GestióIP's database.
58
4 Statistics
GestióIP's statistics page shows the number of managed networks, hosts and VLAN. It gives an
overview of how many networks and hosts are in the different environments (network categories)
and in the different sites, as well as of the manufacturers of the devices. It offers the possibility to
show the occupation of the networks and network ranges and it allows to list the networks which
only contain host with status “down”.
To access the statistics page go to "manage" > "statistics".
4.1 General overview
Fig. 53: Statistics page
Note
With multiple clients configured, only client specific statistics will be displayed here. To see the
total number of managed clients, networks and host go to “help” > “about”.
4.2 Network/range occupation
In addition, the statistics page offers the possibility to show an overview of net or range occupation.
59
This may be useful to detect poorly utilized address ranges. You can filter the networks that should
appear in the report by IP (or parts of IP), description, site, category and comment.
Fig. 54: Network and range occupation form
4.3 Miscellaneous
This option allow to list networks only containing hosts with status “down” or networks only
containing host with status “down” or status “never checked”.
Fig. 55: Show networks with status “down”
Note
The reason because all hosts of a network appear as “down” may be the missing of firewall rules.
60
5 Database initialization
GestióIP offers several mechanisms to import data into its database.
● networks/hosts/VLANs via SNMP query
● hosts via DNS queries
● networks/hosts from spreadsheets
5.1 Discovery
The Discovery is intended to initialize GestióIP's database after a new installation. It explores the
network infrastructure using SNMP and DNS and adds found VLANs, networks and hosts to
GestióIP's database.
It executes the following processes:
• VLAN discovery via SNMP using Perl Module SNMP::Info
• Network discovery via SNMP querying routing tables from network devices
• Host discovery of new found networks via SNMP using SNMP::Info and own discovery
mechanisms
• Host discovery of new found networks via DNS
The discovery process needs about 45s for one class C networks with 254 addresses, depending on
the value of maxprocs (number of parallel discovery processes) and the CPU/memory of the
server. Note that discovery for one class B network with a bitmask of /16 (65.534 addresses) may
take hours because discovery processes the network portionwise each with 128 parallel processes
(depending of the global configuration parameter maxprocs).
Click “import/export” → “Discovery” to access discovery form.
Note
Discovery process will optionally process networks found by last run of “import networks from
spreadsheets”. So import your network spreadsheets before you execute the discovery process.
Note
Discovery process will update predefined columns, too. So configure predefined columns first
before executing the discovery process.
61
Fig. 56: "Discovery" form
Network devices One or a list of IP addresses of devices holding routing and/or VLAN
information. These are typically network devices like routers or multilayer switches.
Import networks IP version – To choose for with IP version the discovery should be executed
(this option is only available when global configuration parameter “IPv4 only” is set to “no”)
Import routes learned from – To define from which routing protocols the learned networks
should be imported.
SNMP version – To choose the SNMP version which should be used for discovery
SNMPv1 and SNMPv3:
community – SNMP community string
SNMPv3
Selecting SNMP version “v3” there appear SNMPv3 specific options.
62
Fig. 57: SNMPv3 form
username – SNMPv3 username
Security Level – SNMPv3 security level
Auth algorithm – Authentication algorithm (only authNoPriv and authPriv)
Auth password – Authentication password (only authNoPriv and authPriv)
Privacy algorith – Privacy algorithm (only authPriv)
Privacy password – Privacy password (only authPriv)
Process only IPv4 networks beginning with – If you devide a complex network infrastructure into
smaller section via the “client” option (see 3.7) you can specify here the first octets of the networks
which should be imported and processed during the discovery process. To import only networks
starting with 192.168 introduce “192.168”. The field accepts a coma separated list of networks (e.g.
10,172.16,192.168)
Process only IPv6 networks beginning with – Like “Process only IPv4 networks beginning with”
but for IPv6 networks. Example: 2001::ab,2002::
maximal number of parallel discovery processes Number of child processes lanced by
discovery. Augment of this value will speed up discovery process but increase CPU load and
memory usage.
Include networks which were added by last run of import networks from spreadsheet within
discovery mark this checkbox if you want that discovery processes the networks which were
imported by last run of import networks from spreadsheet, too.
Discover new found networks only – If this checkbox is checked, only new found networks will
be processed. If you uncheck it, all found network will be processed.
add comment to found networks mark this checkbox if discovery should add automatically
comment like “Static route from 192.168.239”.
Click “discover” to lance discovery process.
63
It appears a new page offering the options to consult the status of the discovery process or to
interrupt the discovery process.
Fig. 58: "Discovery started” form
Clicking “consult discovery status” opens a new window showing the actual status of discovery
process (Fig. 59). The status page refreshes automatically every 10s during discovery.
Click “stop discovery” to interrupt the discovery process. It may take up to 15s to stop all discovery
child processes.
Fig. 59: Discovery status window
Click link “log file” to display detailed log information of the discovery process. Type “CTR R” to
refresh log file window. The log file will be deleted when discovery process is executed again.
Note
If you use a SNMP community other than the default “public”, SNMP based parts of the discovery
64
process will try to query the devices with community string “public”, too. That makes sure that
devices with the custom community “public” configured, not to be ignored (e.g. it's a common
error to forget to set community for printers or to configure a custom community for a device but
not disable the community “public”). Execute a search for “public” through the audit log to
identify devices with default community strings configured.
Note
You can also consult the audit log to see the details of the discovery process.
5.2 Import networks via SNMP
The "import networks via SNMP" function queries routing tables from SNMP enabled devices and
adds the found networks to the database. Let it run against your layer III devices (e.g. routers or
multilayer switches).
5.2.1 Manual import via SNMP
To import networks via SNMP click “import/export” → "import networks via SNMP" .
Fig. 60: "import via SNMP" form
See 5.1 for a description of the options
65
If the found networks should be included within automatic update, mark "include networks within
the automatic update” checkbox.
Note
If you query devices with enabled dynamic routing protocols (e.g. BGP), a query may take quite a
long time and can cause a "webserver timeout" error (because the routing tables can be very
large). In this case, use script "get_networks_snmp.pl" from the directory “/usr/share/gestioip/bin .
Note
Network import via SNMP will although be executed during discovery process (see 5.1)
5.2.2 Script based network import via SNMP
GestióIP comes with the script "/usr/share/gestioip/bin/get_networks_snmp.pl" to import networks
via SNMP. The script accepts single devices or a list of devices to query and can be executed
manually or by cron.
It reads most parameter from configuration file /usr/share/gestioip/etc/ip_update_gestioip.conf.
However, you have to configure some parameter directly in the script. To do so open the script with
your favorite editor and configure the parameter in the section between
#########################################
### change from here... #################
#########################################
.....
#########################################
#### ...to here #########################
#########################################
get_networks_snmp.pl reads its target nodes from a file called snmp_targets. This file is located in
the directory /usr/share/gestioip/etc/. Open the file and enter the nodes that should be queried (one
host per line).
The script depends on the following Perl modules:
SNMP, Net::IP, DBI
If you execute the script from a server other than that which comes with the installation of GestióIP,
66
you may get an error message such as "Can't locate SNMP.pm in @INC …"
This means that there are Perl modules missing. See 10.5.1 for instructions how to install them.
5.3 Import from spreadsheet
GestióIP possesses flexible mechanisms to import networks or hosts from spreadsheets.
Spreadsheets must have .xls extension (MS Excel). If you use OpenOffice use the "Save As..."
option to save the spreadsheet in .xls format.
5.3.1 Import networks from spreadsheets
Go to "import/export" > mark "networks" radio button and upload the spreadsheet with the
networks to import.
Your spreadsheet may consists of different sheets. In step II you have the possibility to import all
sheets, one sheet by its name or multiple sheets by numbers.
Fig. 61: "Import from spreadsheet" form
To import all sheets mark "all sheets". To import one sheet mark the radio button "sheet name" and
introduce the sheet name (e.g. "server") (see Fig. 62). To import multiple sheets mark the "sheets"
radio button and introduce the numbers of the sheets to import. The form accepts a single number, a
commaseparated list or a range of sheets (e.g. 24 to import sheets "LAN I, LAN II and Sheet4" in
the example below).
67
Fig. 62: Sheet numbers
Next, indicate what information is in each column: Associate the letters of the columns with the
corresponding content.
The letters of the columns are found at the top of each column of your spreadsheet (see Error:
Reference source not found).
networks Column with networks. Example of format supported entries: 192.168.0.0 entries that
don’t match the format will be ignored.
netmask/bitmask Column with netmask or bitmask (columns with mixed netmask and bitmask
are also supported). Example of format supported entries: 24, 255.255.255.0 entries that don’t
match the format will be ignored.
networks and netmask/bitmask in one column Column with both network and net/bitmask. If
your spreadsheet contains one column with both networks and net/bitmasks, leave networks and
netmask/bitmask blank.
Examples of supported formats:
1.1.1.0/24, 1.1.1.0/255.255.255.255, 1.1.1.024, 1.1.1.0 – 255.255.255.0, 1.1.1.0 xyz 24
Network entries that don’t match the supported formats will be ignored.
description Column with network descriptions – optional.
site Column with sites. The sites of the networks to import must be identical to the sites in
GestióIP's database. If the site doesn't exist in the database it will be ignored – casesensitive –
optional.
category Column with categories. The category must be identical to the categories in GestióIP's
database. If the category doesn't exist it will be ignored – casesensitive – optional.
comment Column with comments – optional.
Mark "include networks within automatic update" if the network should be processed by automatic
update.
68
Fig. 63: Spreadsheet to import
Note
Old script “import_from_excel.pl” is obsolete and not longer included within GestióIP.
5.3.2 Import hosts from spreadsheet
To import hosts from spreadsheets into GestioIP's database click “import” > mark ”hosts” radio
button and upload the spreadsheet containing host entries to import.
Note
The networks containing the hosts to import must exist; so import or introduce networks first.
If import function doesn't find an adequate network for the host entries, they will be ignored.
Indicate if you want to import all sheets, one sheet by its name or multiple sheets (see. 5.3.1).
Indicate the format of the IP addresses in the spreadsheet:
69
Fig. 64: Indicate IP address format
If your spreadsheet contains IP addresses in standard format (e.g. 82.98.146.69) select “standard”
radio button. If your spreadsheet contains only the last octet of the IP address, mark “only last
octet” and specify the field containing the network address (e.g. A1). Networks must have one of
the following formats:
NetworkID/netmask (192.168.9.0/255.255.255.0)
NetworkID/bitmask (192.168.9.0/24)
Leading or following strings will be ignored (e.g. the entry “Network 192.168.9.0/24 XXX” will
also be accepted) (see Fig. 65).
Fig. 65: Spreadsheet containing last octet of IP addresses to import
Next, associate the letters of the columns with the corresponding content (see 5.3.1) and click
“import”.
70
Fig. 66: Import spreadsheet containing last octet of IP addresses
5.3.3 Import VLANs from spreadsheet
To import VLANs from spreadsheets into GestioIP's database click “import” > mark ”VLANs”
radio button and upload the spreadsheet containing VLANs to import. Choose the sheets that should
be imported, associate letters and columns and click “import”.
71
6 Access control
Because of historical reasons, authentication and authorization is handled different.
The authentication (identification of users) is carried out through mod_auth of the Apache web
server. It not made by GestióIP software itself. The authorization (granting permissions) is made by
GestióIP. This means that the authentication is configured in the Apache configuration file and the
authorization is configured with the GestióIP web interface.
6.1 Authentication
GestióIP's authentication process is carried out through Apache's mod_auth. The default installation
works with “HTTP Basic Authentication”. But you can use any kind of authentication which is
supported by the Apache web server (e.g. user/groups, LDAP, MS Active Directory,
certificates, ...). You can find sample Apache configurations with authentication against a LDAP
directory, against KERBEROS 5 and against a Microsoft Active Directory in the documentation
page of http://www.gestioip.net.
6.1.1 Default authentication
During the setup, the administrator creates manually the default user "gipadmin (using the
command “htpasswd”). That means that there is no “default password”. The user is authenticated
with the password which were created during setup. The default user has access to all functions of
GestióIP.
Note
To enhance security it is recommended to configure authentication with individual accounts. This
has the advantage that MAN audit events can be associated with a specific user.
6.1.1.1 Create new accounts
To create new accounts to use with “HTTP Basic Authentication” you need to add a user with the
command “htpasswd” and configure new "Require user" directives in Apache's configuration file
“gestioip.conf”.
Users are stored in the password file “usersgestioip” which you find in the configuration directory
of the Apache Web server (e.g. /etc/apache or /etc/httpd, depending the Linux distribution). To
create a new account change to Apache's configuration directory and execute the following
command from a shell:
72
$ sudo htpasswd ./usersgestioip newaccount
GestióIP's Apache configuration gestioip.conf is stored in Apache's include directory (e.g.
/etc/apache/conf.d, /etc/httpd/conf.d, /etc/apache/sitesenabled – depending of the Linux
distribution).
To habilitate the new account you need to add a "Require User" directives for the directories
DocumentRoot/gestioip (ro/rwuser) and DocumentRoot/gestioip/res (rwuser) to Apache's
“gestioip.conf”.
For a rwuser open gestioip.conf with your favorite editor and search the lines
Require user gipadmin
Copy and insert the line and replace "gipadmin" with the new account (newaccount). Close and
save “gestioip.conf”.
To take changes affect you need to reload the Apache Web server.
Note
“gestioip.conf” contains one “Require User” directive for a rouser and two directives for a rw
user.
6.1.1.2 Change users password
To change a user password go to Apache's configuration directory and execute the following
command from a shell:
$ sudo htpasswd ./usersgestioip account
6.1.1.3 Delete accounts
To delete a GestióIP account, authenticated by “HTTP basic authentication”, you need to delete it
from the password file usersgestioip (e.g. in /etc/apache/ or /etc/httpd/) and from GestióIP's Apache
configuration gestioip.conf (e.g. in /etc/apache/conf.d or /etc/httpd/conf.d).
To delete a account from the password file change to Apache's configuration directory and execute
the following command from a shell:
$ sudo htpasswd D ./usersgestioip account
To delete an account form GestióIP's Apache configuration open “gestioip.conf” with your favorite
73
editor and delete the directives “Require user account”
Reload the Apache Webserver to take changes affect.
6.2 Authorization
The authorization for the different functions of GestióIP is made by the GestióIP software. It is
disabled by default.
The permissions to access the different features of GestióIP are defined for the User Groups. To
assign permissions to a User make it member of an adequate User Group.
To enable the authorization feature you need to execute the following steps:
• Activate the authorization feature.
• Adapt the default user groups to you requirements or create user groups.
• Create users and assign the adequate user group to the user.
Note:
If you use the authorization feature it is recommended to use individual accounts for every GestióIP
user.
6.2.1 Activation
To activate the authentication go to “manage” → “manage GestióIP”, set the parameter “User
management” to “yes” and click “save”. This will create an entry for the actual user in the user
database and make it member of the group “GestióIP Admin”, which has all permissions, including
the permission to create new users and user groups.
Activating the authorization feature also creates the two new menu items “Users” and “User
Groups” under “manage” item (after activating authorization click over any link to make the new
menu items appear).
74
Fig. 67: Menu items “Users” and “User Groups”
6.2.2 Users
With activated authorization feature you need to define GestióIP users for all users which should
access to GestióIP. The GestióIP users must be the same user which are used for authentication (see
6.1).
Access to “manage”>”Users” to create, update or delete GestióIP users.
Fig. 68: User list view
6.2.2.1 Create Users
Click “add User” to create new Users.
75
Fig. 69: Add User form
name: Username. Usernames must be the same names as the usernames which are used to access to
GestióIP's. (mandatory)
User Group: The user group determine the permissions of the user. (mandatory)
email: email address of the [email protected]. (optional)
phone: phone number. (optional)
comment: An optional comment.
Click “add” to create the new User.
6.2.2.2 Edit Users
Click over the symbol to access the editUser form.
6.2.2.3 Delete Users
Click over the symbol to delete users.
Note:
The actual User can not be deleted.
6.2.3 User Groups
User Groups are used to determine the User permissions. Access to “manage”>”Users Groups” to
create, update or delete GestióIP User Groups.
76
Fig. 70: User Group list view
GestióIP comes with three default User Groups:
• GestióIP Admin: Group with all permissions
• Admin: Group with all permission except the permissions to manage users and to change
the GestióIP configurations
• Read only: Group with permissions to show, but not to edit networks, host, VLANs, AS and
leased lines.
6.2.3.1 Permissions
The authorization system offers the following permission:
Global Permissions
• Manage GestióIP permissions – permission to display and change all function under
“manage”>”manage GestíóIP”
• Manage user permissions – permissions to create, read, update and delete Users and User
Groups
• Manage sites and categories permissions to create, read, update and delete sites and
categories
• Manage custom columns permissions to create, update and delete custom host and
network columns
• Read audit – permissions to access audit log
• clients to select if the nonglobal permissions should be available for all or only for a
specific client
Client specific permissions (nonglobal permissions)
Networks
• create networks permission to create networks
• read network information permission to list networks
• update network information permission to update networks
• delete networks permission to delete networks
77
Hosts
• create hosts permissions to create host
• read host information permission to list host entries
• update host information permissions update hosts
• delete hosts permission to delete hosts
• Execute update against DNS
VLANs
• create VLANs – permissions to create VLANs
• read VLAN information – permissions to list VLANs
• update VLAN information – permissions to update VLANs
• delete VLANs – permissions to delete VLANs
Configuration Management (CM)
• Show backuped device configurations – permissions to show the stored configurations of
the network devices
• Upload device configurations – permissions to upload configurations or files to devices
which are under control of the CM module
• Administrate CM – permissions to change the CM configuration for devices
Autonomous Systems
• create AS – permissions to create ASs
• read AS information – permission to list ASs
• update AS information – permissions to update ASs
• delete AS – permissions to delete ASs
Leased Lines (LLs)
• create Leased Lines – permissions to create LLs
• read Leased Line information – permissions to list LLs
• update Leased Line information – permissions to update LLs
• delete Leased Lines – permission to delete LLs
78
6.2.3.2 Create User Groups
Click “add User Group” to create new Users Groups.
Fig. 71: Add User Group form
name – User Group name (mandatory)
description – an optional descriptions
Assign the desired permission to the User Group by selecting the adequate permission checkboxes.
6.2.3.3 Edit User Groups
Click over the symbol to access the editUser form.
6.2.3.4 Delete User Groups
Click over the symbol to delete users.
Note:
The actual User Group can not be deleted.
79
6.2.4 User “gipoper” of GestióIP versions <3.2
The authorization system which was implemented in release 3.2 eliminates the need of the old ro
user “gipoper”. That affects the Apache configuration. As the authorization is now made by the
GestióIP software, there is not longer the need of the directives for the directory
[DocumentRoot]/gestioip/res. It is recommended to delete the configuration part for the “res”
directory from the Apache configuration file for GestióIP (gestioip.conf):
<Directory "/var/www/gestioip/res">
AddHandler cgiscript .cgi
AddDefaultCharset utf8
AllowOverride None
Options +ExecCGI
AuthType Basic
AuthName GestioIP
AuthUserFile /etc/apache2/usersgestioip
Require user gipadmin
ErrorDocument 401 /gestioip/errors/error401.html
</Directory>
Restart the Apache web server to take the change affect.
80
7 Password Management
GestióIP from version 2.3.8 incorporates a password management system which allows to store and
show device password. All keys are stored in encrypted form in the database.
The password management system uses the following keys:
• One master key – to encrypt/decrypt the device passwords
• Individual user passwords for each user – to encrypt/decrypt the master key.
• Device passwords – stored passwords of the devices
Every user has it's individual user key. The user key is used to encrypt/decrypt the master key. The
master key is used to encrypt/decrypt the device password.
7.1 Enabling the password management system
The password management system is per default disabled. To use it, you need to enable it first.
To enable the password management system go to manage > manage GestióIP, set “Password
management enabled” to yes and press “set”.
Note
To use the password management you need also enable the user management system
After clicking over any link there appears the new menu item manage > manage password.
Go to manage > manage password and introduce a user password and the master key (“Insert
Master key” form). The user password is individual for each user and is used to insert and show the
device passwords.
Fig. 72: Insert master key form
81
7.2 Manage device passwords
After enabling the password management system there appears a new keybutton for every IP
within the hostlistview ( ).
Clicking over the button opens the manage device passwords form:
Fig. 73: Manage device passwords form
To insert, show or edit device passwords introduce your user password, first.
7.2.1 Insert a new device password
Introduce your user password and click over “insert password”.
Introduce a name, the device password and an optional comment and click “add”.
7.2.2 Show device passwords
To show a password introduce the user password and click over the eye symbol. To show all
passwords click “show all passwords”
7.2.3 Edit device passwords
To edit password click over the edit symbol

7.2.4 Delete device passwords
To delete a password click over the delete symbol
82
7.3 Changing the user password
To change the user password go to manage > manage passwords and insert the old and the new user
password and press update.
Fig. 74: Update user password
7.4 Changing the master key
To update the master key go to manage > manage passwords, insert you user password and the new
master key. Click “update” to save the changes.
Fig. 75: Update master key
Note
Updating the master key requires that all other users update their master key, too.
83
8 Advanced functions
8.1 Update check
GestióIP disposes about a mechanism to check if there are software updates available. Click over
“help” → “check for updates” to execute the update check.
In the case that there are updates available, the updatecheck shows a link to download the last
actualization tarball, as well as a link to the change log and an explication how to apply the update.
Fig. 76: Online update check
84
8.2 Database configuration (ip_config)
The database configuration of GestióIP is stored in /DocumentRoot/priv/ip_config
Because the database password is stored in clear text, the Apache web server must be correctly
configured and the permissions of the configuration file (500) must be correctly set. To check
whether the Apache2 web server is correctly configured, you can try to access the configuration of
GestióIP with a browser. Open the following URL with a browser:
http://servername/gestioip/priv/ip_config
You should receive an "access denied" message. In case it is possible to access the file “ip_config”,
check file permissions of “ip_config” and review the configuration of Apache2.
Configuration parameter description:
parameter description
bbdd_host Host where the GestióIP Mysql database runs
bbdd_port Port on which the database listens
sid_gestioip SID of the GestióIP database
user_gestioip GestióIP database user
pass_gestioip GestióIP database user password
8.3 Export networks, VLANs or hosts to CSV
GestióIP includes the possibility to export networks as well as host to CSV files (comma separated
list) which you can import easily e.g. into LibreOffice or MS Excel.
Click “import/export” → “export networks or hosts to CSV” to access the export form.
85
Fig. 77: Network, VLAN or host export form
There is either the option to export all networks/VLANs/hosts or to export networks, VLANs or
hosts with match a specific string. The string could be an IP address (or a part of an IP address), a
part of the description, site, category or comment.
Host export offers furthermore the option to export all IP addresses of a dedicated network by
introducing the network ID (e.g. 172.16.4.0) into the textbox “from network”.
Click “export” to execute export function. After a successful export a link to download the exported
data is shown.
Fig. 78: Link to download the exported data
86
When importing the data into a spreadsheet application choose “UTF8” like character set and “,”
(coma) like separator.
8.4 Add a new language
Currently GestióIP supports the following languages: Catalan, Spanish, Italian, German and
English. GestióIP possesses a system that makes it easy to add new languages. To add a new
language you need to translate on of the files containing the language variables.:
To translate the languagefile make a copy of one of the existing language files (e.g.
/DocumentRoot/vars/vars_en) and name it vars_xy (replace the xy with the abbreviation of the new
language – for French "vars_fr", for Danish "vars_dk". The abbreviation must contain two or three
characters). The file contains variables such as:
name_of_the_variable=value of the variable
example file /DocumentRoot/vars/vars_en
mostrar_redes_message=show networks
mostrar_red_message=show network
busqueda_detallada_message=advanced search
crear_red_message=create new network
Translate the text starting at the right of the "="
Special characters must be introduced encoded in HTML (ú > ú)
And...
Send the new language file to [email protected]. It would be a pleasure to include
support for your language within the next actualization of GestióIP!
87
9 IPv6 Address plan
GestióIP offers tools which can help to build to your organization adapted IPv6 address planes.
It supports two different methods to create IPv6 address plans: Translation of the existing IPv4
subnet scheme to IPv6 on the base of an IPv6 address block or to create an hierarchical IPv6
address plan on the base of sites and categories.
9.1 Direct translation
With this method you can translate the whole or a recognizable, unique part of the IPv4 address
ranges to IPv6. It bases on an specified IPv6 address block. The octets of the IPv4 addresses are
translated one by one to an hexadecimal value. The corresponding IPv6 networks are created from
the given IPv6 address range plus the to hexadecimal converted values of the individual octets of
the IPv4 address.
Example
IPv6 address block to build the plan from: 2001:bd8::
IPv4 address range used by organization: 192.168.0.0192.168.255.255
Example network: 192.168.190.32/27
Octett Decimal hexadecimal

oct1 192 C0
oct2 168 A8
oct3 190 BE
oct4 32 20
If it is possible to traduce all IPv4 networks or only a part of them to IPv6 depends in the prefix
length of the specified IPv6 address block. Prefix Length > 32 do not offer enough bits to map the
whole IPv4 address space. If you use an IPv6 address blocks with a prefix length > 32 you must
curtail the IPv4 address range you want to translate. Table above shows the translated IPv6 address
for different combinations of Prefix Length, IPv4 octets and the IPv4 bitmasks (IPv6 address block
2001:bd8:: and IPv4 network 192.168.190.32/27).
88
Prefix legth Requiered IPv4 Translation only for translated IPv6 address

octets networks with IPv4
Bitmask
<=32 all 2001:db8:C0A8:BE20::
3340 oct1 all 2001:db8:A8BE:2000::
4148 oct1 + oct2 1724 N/A (network Bitmask is 27)
oct1 + oct3 + oct4 2532 2001:db8:0:2000::
9.1.1 Create the address plan
To translate your existing IPv4 networks to IPv6 click over “networks”> “IPv6 address plan”.
Step (1)
Introduce the IPv6 address block you want to create the plan from and “press send”.
Fig. 79: Create hierarchical IPv6 address by translation existing IPv4 networks
Step (2)
Curtail the IPv4 address range you want to translate by introducing the required or optional octets
of the IPv4 address range. If you work with an IPv6 address block with a prefix length > 40 you
need to specify at least the first two octets. By introducing the first two octets, only the IPv4
networks with bitmask from 1724 will be translated. By introducing the first three octets, only the
IPv4 networks with bitmasks for 2532 will be translated.
89
Fig. 80: Curtail address range to translate
After clicking “send”, a list with the networks to create will be displayed. To create the new IPv6
networks within GestióIP's database edit the networks fields and press “create”. To avoid that
specific networks will be created, unselect the checkbox “create” behind the regarding networks.
9.2 Hierarchical IPv6 address plan based on sites and
categories
GestióIP's hierarchical address plan builder offers the possibility to map the network structure of an
organization to the (physical) structure of it's sites and networks categories. Therefore it's necessary
to define well the different sites and categories of your organization before you begin to create a
hierarchical address plan.
One of the benefits of a hierarchical plan is that you can recognize directly from the IP address to
which site the address belongs.
Example
A organization has three sites (site1, site2, site3), seven categories (prod, preprod, test, dev, test,
corpA, corpB) and at most 95 networks per category. It's ISP has assigned it the IPv6 address block
2001:AAAA:BBBB:/48.
With a prefix length of 48 remain 4 bits to map the existing sites, categories and networks per
category. How many bits will be reserved for each one depends on it's number.
The following table shows how GestióIP would distribute the free four bits in relation with the
number of sites, categories and networks per categories for this example:
90
IPv6 address block: 2001:aaaa:bbbb:0000:0000:0000:0000:0000/48
site 2001:aaaa:bbbb:0000::
categories 2001:aaaa:bbbb:0000::
Networks per category 2001:aaaa:bbbb:0000::
The table above shows some addresses that could be created within this plan.
Level I (sites) Level II (categories) Level III networks/categorie
2001:aaaa:bbbb:0000:: 2001:aaaa:bbbb:0000:: 2001:aaaa:bbbb:0000::
2001:aaaa:bbbb:0001::
2001:aaaa:bbbb:0100:: 2001:aaaa:bbbb:0100::
2001:aaaa:bbbb:0101::
2001:aaaa:bbbb:0102::
2001:aaaa:bbbb:0200:: 2001:aaaa:bbbb:0200::
9.2.1 Create the address plan
To create a hierarchical IPv6 address plan click over “networks”> “IPv6 address plan”
Step (1)
Introduce the IPv6 address block you want to create the plan from and “press send”.
Fig. 81: create hierarchical IPv6 address plan from an IPv6 block
91
Step (2)
Choose the number of sites, categories and networks per category which you need to map your
organization's structure (take future growing in mind).
Fig. 82: Number of site and category networks and networks per categroy
GestióIP makes here a proposal based on existing sites, categories and networks per category. With
marked checkbox “Carry over the descriptions and comments of existing IPv4 networks”, the
descriptions of the existing IPv4 networks will be assigned to the new IPv6 networks with the
corresponding sites and categories. GestióIP's default behavior is to create as many new networks
per site and category as existing IPv4 networks. With selected checkbox “Create new endnetworks
independently of the number of existing sites and categories” you will have in a later step the
possibility to introduce the number of networks to create for each site and category independently.
Once you have chosen the numbers click “next”.
Step (3)
GestióIP calculates all possible combinations of network distributions on the base of the numbers
which where introduced in the previous step and displays a list with possible numbers of level I
subnets (designated for the location rootnetworks).
92
Fig. 83: Level I networks (sites)
Click over the link with the number of networks you want to reserve for the locations.
Step (4)
In this step there will be a list of possible numbers of level II subnets displayed (designated for the
category rootnetworks).
Fig. 84: Level II networks (categories)
Choose the number of networks you want to reserve for the categories and click over the
corresponding link. A list of level II and level III networks will be displayed (the number of level
III subnets will automatically be calculated from the prefix length of the layer II networks). If you
are not satisfied with the result use the backlink to return to previous page to change the number of
level I subnets.
93
Step (5)
A list of level II and level III networks will be displayed (the number of level III subnets will
automatically be calculated from the prefix length of the layer II networks).
Fig. 85: Level III networks (networks per category)
If you are satisfied with the result click over “send”. If the checkbox “Create new endnetworks
independently of the number of existing sites and categories” from step (2) was selected, there will
be a form displayed which allows to introduce the definitive number of new networks per location
and category that should be created.
Step (6) (optional)
Introduce the number of networks which you want to be created for each location/category and
click “next”
94
Fig. 86: Number of networks to create
Step (7)
A list of the networks which should be created will be displayed. With marked checkbox “Carry
over the descriptions and comments of existing IPv4 networks” (Step (2)), the comments of the
IPv4 networks are taken over for the new IPv6 networks. Edit the descriptions of the networks, add
an optional comment and select the “sync” checkbox it you want that the new network will be
processed by automatic actualization (see 10). If you want to avoid networks from being created
unselect the check box “create”. Only networks with selected “create” checkbox will be created.
95
Fig. 87: Edit network paramters
Click link “create” at the bottom of the page to insert the new networks into GestióIP's database.
10 Automatic update
GestióIP comes with scripts which automatically update the database of GestióIP via SNMP
(ip_update_gestioip_snmp.pl), against the DNS (ip_update_gestioip_dns.pl) and against an OCS
Inventory NG (ip_update_gestioip_ocs.pl) .
It's highly recommended to enable automatic update (AU) to make sure that GestioIP's database is
always up to date. AU against DNS and via SNMP can be run in any environments which dispose
of a DNS server. If you have an installation of an OCS Inventory NG you can also update
GestioIP's database against the OCS database.
AU against DNS/SNMP and AU against OCS Inventory NG work different. AU against
DNS/SNMP processes all addresses of a network. AU against OCS only processes the entries which
are found in the OCS database. That causes, that entries which are deleted from OCS database will
not longer processed by AU against OCS and will not be deleted form GestioIP's database by AU
against OCS. AU against DNS is able to detect and delete this entries. So if you run AU against
OCS, run always AU against DNS, too. Configure the cron jobs in that way, that AU against OCS
will be executed before AU against DNS.
96
Note
If you run the automatic update against DNS (ip_update_gestioip_dns.pl) against an IPv6 network
you need to allow DNS zone transfers from the GestióIP server on the DNS servers.
Note
Create a cronjob to execute the scripts automatically (see 10.4).
Note
The automatic update processes only networks with checked "sync" field (see 3.2.1).
Note
AU need not run on the host with the installation of GestióIP. If you have a monitoring server (e.g.
with Nagios) which can reach all relevant networks with ping and SNMP, this could be a good
place to run scripts from.
Note
AU might rise load on the host where the scripts run and on DNS servers
10.1 Script directory structure
Since version 3.0 the installation creates the following directory structure for the AU scripts
under /usr/share:
/usr/share/gestioip/bin Directory with AU scripts
/usr/share/gestioip/bin/web Directory for Webbased discovery scripts (not relevant for AU)
/usr/share/gestioip/etc Directory with configuration for AU scripts
(ip_update_gestioip.conf)
/usr/share/gestioip/etc/vars Directory where the languagefiles are stored
/usr/share/gestioip/var/log Directory to store log files
/usr/share/gestioip/var/run Directory to store lock y pidfiles
Important note
AU of older version are not compatible with GestióIP v3.0. Disable AU cronjobs before updating
to v3.0 and reconfigure cronjobs with new script after updating GestióIP. Do NOT use AU
scripts of older versions with v3.0.
97
10.2 Command line options
$ ./ip_update_gestioip_snmp.pl help
usage: ip_update_gestioip.pl [OPTIONS...]
v, verbose verbose
V, Version print version and exit
l, log=logfile logfile
d, disable_audit disable auditing
c, config_file_name=config_file_name name of the configuration file (without path)
L, Location=locations coma separted list of locations
N, Network_file=networks.list file with the list of networks to process
C, CSV_networks=csv_list coma separated list of networks to process
m, mail send the result by mail (mail_destinatarios)
h, help help
./ip_update_gestioip_snmp.pl help
configuration file: /usr/share/gestioip/etc/ip_update_gestioip.conf
$ ./ip_update_gestioip_dns.pl help
usage: ip_update_gestioip_dns.pl [OPTIONS...]
t, test testing mode no database changes would be made (needs option v)
v, verbose verbose
V, Version print version and exit
c, config_file_name=config_file_name name of the configuration file (without path)
L, Location=locations coma separted list of locations
N, Network_file=networks.list file with the list of networks to process
C, CSV_networks=csv_list coma separated list of networks to process
d, disable_audit disable audit
h, help help
98
$ ./ip_update_gestioip_ocs.pl
usage: ip_update_gestioip.pl [OPTIONS...]
v, verbose verbose
V, Version Version
h, help help
Note
If you run the scripts manually use “verbose” option (./ip_update_gestioip.pl v) to see what's
happening.
Note
If you want to run the actualization scripts for various clients, create configuration files for every
client and specify the configuration file for every script instance with the c option
( ip_update_gestioip.pl does not dispose about the c option, specify the configuration file directly
in the script).
10.3 Configuration
The configuration of ip_update_gestioip_dns.pl and ip_update_gestioip_ocs.pl is stored in the file
"/usr/share/gestioip/etc/ip_update_gestioip.conf".
Configuration parameter description:
parameter description default value

sid_gestioip SID of the GestióIP's database gestioip
user_gestioip GestióIP's database user gestioip
pass_gestioip GestióIP's database user password
bbdd_host_gestioip Host where the GestióIP Mysql database runs localhost
bbdd_port_gestioip Port where GestióIP's Mysql database is
listening
sid_osc SID of the OCS database ocsweb
user_ocs OCS's database user ocs
99
pass_ocs OCS's database user password
bbdd_host_ocs Host where the OCS Mysql database runs
bbdd_port_ocs Port where OCS Mysql database is listening 3306
Global parameters relevant for update via SNMP, against DNS or against OCS
lang language supported values: en, es, cat, de en
mail_destinatarios Where to send the report. Comaseparated list
of mail addresses.
Example:
[email protected],[email protected]
mail_from “From” for the report mail. Change “your GestioIP@your
domain” to your domain. domain.org
logdir Where to store the log file .
(actual directory)
ignore_generic_auto Set this value to "yes" if the update script yes
should ignore DNS entries that match auto
generated generic rDNS entries (see 3.2.2.3)
ignorar Generic rDNS entries to ignore when updating
a network against the DNS (see 3.2.2.3)
max_sinc_procs Maximum number of parallel processes to fork 128
when synchronizing a network against the
DNS.
Decrease this value if the automatic update uses
too much CPU load or increase it for faster run.
Also, have a look at CPU load of your DNS
servers during the run of scripts (if the servers
are not very busy a value of 254 should not be a
problem).
possible values: 4,8,16,32,64,128,254
generic_dyn_host_name Configure here strings that match generic
names with are assigned via DHCP (see 3.6.2).
Commaseparated list, casesensitive.
Example: PC,LAP
(for dynamic assigned names such as PC
001,PC002, LAP001, LAP002)
dyn_rangos_only Set dyn_ranges_only to "yes" if you only want no
to update IPs of reserved ranges
Parameter relevant for update against DNS
actualize_ipv4_dns Set this parameter to “yes” if you want that the yes
update against DNS processes IPv4 networks
actualize_ipv6_dns Set this parameter to “yes” if you want that the yes
100
update against DNS processes IPv6 networks
delete_dns_hosts_all_down Set this parameter to "yes" if you want updating yes
against DNS to delete all IPs that don’t respond
to ping and that don't have rDNS entries.
Parameter relevant for update against DNS
no_ocs_redes For networks which should not be synchronized
against the OCS.
Only for ip_update_gestioip_ocs.pl
Commaseparated list.
Example: 10.0.1.0,192.168.0.0
set_update_type_to_ocs Set this to "yes" if automatic update against no
OCS should set the update type to "ocs". When
update_type is set to "ocs" automatic update
against DNS will not overwrite updates from
OCS.
ignore_ocs_host_down OCS doesn't always delete old entries from its yes
database. If you set "ignore_ocs_host_down" to
"yes", update against OCS will only update
GestióIP’s database with IPs which respond to
"ping".
delete_ocs_hosts_down_match Set this parameter to "yes" if you want updating yes
against OCS to delete IPs that don’t respond to
ping and with matching "generic auto" or
"generic dyn hostnames"
delete_ocs_hosts_down_all Set this parameter to "yes" if you want updating no
against OCS to delete all IPs that don’t respond
to ping
Parameter relevant for update via SNMP
actualize_ipv4_snmp Set this parameter to “yes” if you want that the yes
update via SNMP processes IPv4 networks
actualize_ipv6_snmp Set this parameter to “yes” if you want that the yes
update via SNMP processes IPv6 networks
snmp_community_string SNMP Community (SNMPv1/v2c) or username public
(SNMPv3)
snmp_version SNMP version 1
allowed values: 1,2,3
snmp_user_name SNMP user name (SNMP v3)
101
sec_level SNMP security level (noAuthNoPriv, authNoPriv

authNoPriv, authPriv)
auth_proto SNMP authentication protocol MD5
auth_pass SNMP authentication passsword
priv_proto SNMP privacy protocol (DES, 3DES, AES) 3DES
priv_pass SNMP rovacy password
Note
If you use both, AU against DNS and AU against OCS, check log files or audit for pingpong effects
(e.g. AU against DNS updates an entry and AU against OCS deletes it ….). If pingpong effects
occur check whether A and rDNS entries for the affected IP address are correctly configured.
10.4 Automatic execution with cron
Create a cronjob to activate the automatic update.
Example I
With the crontab entries below ip_update_gestioip_snmp.pl will be executed every Saturday at
22:30.
30 22 * * 6 /usr/share/gestioip/bin/ip_update_gestioip_snmp.pl m > /dev/null
2>&1
Example II
With the crontab entries below, ip_update_gestioip_dns.pl and ip_update_gestioip_ocs.pl will be
executed every day once per hour (ip_update_gestioip_dns.pl at 00:30, 01:30, 02:30,... and
ip_update_gestioip_ocs.pl at 00:45, 01:45,...) assuming that ip_update_gestioip_dns.pl need less
than 15 min for one run.
30 * * * * /usr/share/gestioip/bin/ip_update_gestioip_dns.pl m > /dev/null
2>&1
45 * * * * /usr/share/gestioip/bin/ip_update_gestioip_dns.pl m > /dev/null
2>&1
102
Note
Choose a frequency that ensures that the last run of the script has finished when cron executes the
script again (scripts create semaphore files so it's sure that there are never running multiple
instances of the script)
You can use the command “time” to determine how log the script needs for one run. Execute
$ time ./ip_update_gestioip_dns.pl v
....
real 0m14.431s < time the scrip needs to run
user 0m1.864s
sys 0m2.432s
(result for one class C network)
10.5 Required Perl Modules
Automatic update scripts depend amongst others on the following Perl Modules:
DBI, DBDmysql, Net::IP, Net::Ping::External, Parallel::ForkManager, Net::DNS, SNMP::Info,
ParseExcel (optional), OLEStorage_Lite (optional, needed by ParseExcel) .
If you run the update scripts from a host other than the GestióIP host, you need to install this Perl
Modules on the machine, too.
If you execute the update scripts from command line, missing modules will be indicated by an error
message like:
Can't locate ParseExcel.pm in @INC (@INC contains: ...
Here are some examples of how to install the required Perl Modules for different Linux
distributions (already installed modules will be ignored):
Debian/Ubuntu
Many of this packages are from “Universe” repository. You have to enable (uncomment) it in
/etc/apt/sources.list. Don't forget to execute “sudo aptget update” to resynchronize the package
index files from their sources after editing sources.list

$ sudo aptget install libdbiperl libdbdmysqlperl libparallelforkmanager
perl libnetpingexternalperl libwwwperl libnetipperl libspreadsheet
parseexcelperl libsnmpperl libdatemanipperl libdatecalcperl libtime
modulesperl libmailtoolsperl libnetdnsperl libsnmpinfoperl
103
Suse
$ sudo zypper install PerlDBDmysql perlDBI PerlNetIP perllibwwwperl perl
SNMP perlMailTools perlTimemodules perlDateCalc perlDateManip perlNet
DNS
The following Perl module are not available from Suse repository: Parallel::ForkManager,
ParseExcel ,OLEStorage_Lite and SNMP::Info
Download the modules from http://search.cpan.org/ and install it manually (see 10.5.1).
Fedora/RedHat/CentOS
$ sudo yum install perlNetIP perlNetPingExternal perlParallelForkManager
perlDBI perlDBDmysql perlSpreadsheetParseExcel netsnmpperl perlDateManip
perlDateCalc perlTimeDate perlMailTools perlSNMPInfo perlNetDNS
Note for Redhat 5 and CentOS 5.3
The following Perl modules are not available from repositories: ParallelForkManager, NetPing
External, Net::DNS and SNMP::INFO
Download the modules from http://search.cpan.org/ and install them manually (see 10.5.1).
10.5.1 Manual installation of missing Perl modules
If you run automatic update from a different host than that which comes with installation of
GestióIP there might be Perl modules missing.
Download the missing modules from http://search.cpan.org and install them using the following
commands (requires that “make” is installed):
$ tar vzxf module.tar.gz or rather unzip module.zip
$ cd module
$ perl Makefile.pl
$ make
$ sudo make install
104
10.5.1.1 SNMP::Info and Netdisco MIBs
VLAN discovery as well as parts of host discovery via SNMP are based on the Perl Module
SNMP::Info, developed by Max Backer for the Netdisco project. SNMP::Info requires the Netdisco
MIBs to be installed on the system. If Netdisco MIBs are already installed on the server you can
specify the path to the directory where the MIB files are stored from “Manage” → “GestióIP”.
To install MIB files download them latest version of the Netdisco MIBs from Sourceforge:
https://sourceforge.net/projects/netdisco/files/netdiscomibs/
Untar the file netdiscomibsx.y.tar.gz
$ tar vzxf netdiscomibsx.y.tar.gz
Copy the content of netdiscomibsx.y/ to /usr/share/gestioip/mibs/
$ sudo cp r netdiscomibsx.y/* /usr/share/gestioip/mibs/
Change the owner and group to the user under which is running the Apache Web server (e.g.
Ubuntu: wwwdata)
$ sudo chown R wwwdata:wwwdata /usr/share/gestioip/mibs
105
11 General information
11.1 Backup
Don't forget to include GestióIP's database within your backup strategy.
To make a manual backup of GestióIP's database execute the following command:
$ mysqldump u gestioip p gestioip > backup_gestioip.sql
To recover a backup made with “mysqldump” execute the following command:
$ mysql u gestioip p gestioip < backup_gestioip.sql
11.2 Firewall rules
GestioIP's Webbased, as well as the script based discovery and update functions are working with
with DNS and SNMP queries plus ICMP echo requests (ping). That means that the nameservers
must be accessible and that the target networks must be reachable with SNMP and ICMP from the
host with the installation of GestióIP and the host where the update scripts (see 10) are running (if
not the same). All connections are initialized by GestióIP. That means that the following firewall
rules are necessary to run GestióIP's update functions properly.
protocol src address src port dest address dest port

ICMP echo request (type GestióIP host destination networks
8)
UDP GestióIP host > 1023 destination networks 161
UDP GestióIP host > 1023 DNS servers 53
TCP (for zone transfers) GestióIP host > 1023 DNS servers 53
ICMP echo reply destination networks GestióIP host
(type 0)
UDP destination networks 161 GestióIP host > 1023
UDP DNS servers > 1023 GestióIP host 53
TCP (for zone transfers) DNS servers > 1023 GestióIP host 53
106
11.3 JavaScript
GestióIP uses JavaScript. You have to enable JavaScript in your browser to use GestióIP.
11.4 Cookies
GestióIP uses the following six cookies:
● GestioIPLang to remember the last used language
● EntriesRedPorPage to remember the last value of entries/page (network entries shown per
page)
● scrollx and scrolly to scroll to last position after manipulating host from “list”view
● net_scrollx and net_scrolly to scroll to last position after manipulating networks from
“list”view
● ShowRootNet – to decide of rootnetworks should be displayed
● ShowEndNet – to decide of endnetworks should be displayed
12 Troubleshooting
In this chapter you find tips how to troubleshoot some common problems while running GestióIP. If
this chapter doesn't help you to resolve a problem please visit the Help Forum
(http://sourceforge.net/projects/gestioip/forums/forum/981984) or report the problem
to [email protected].
12.1 SNMP
Problem related con SNMP based discovery mechanisms are frequently caused by missing of
required standard MIBs or a incorrect installation of Netdisco MIBs (required by SNMP::Info).
12.1.1 General SNMP problems
(1) snmpwalk
Run the command snmpwalk from a shell of the server with the GestióIP installation to check if the
target machine is reachable and if the required standard MIBs (SNMPv2MIB, IPFORWARD
MIB, RFC1213MIB) are correctly installed (MIBs are correctly installed if OIDs appear as string).
107
$ snmpwalk v1 c COMMUNITY IP_ADDRESS_TO_QUERY | head 10
SNMPv2MIB::sysDescr.0 = STRING: Linux hostname 2.6.3811generic
#50Ubuntu SMP Mon Sep 12 21:18:14 UTC 2011 i686
SNMPv2MIB::sysObjectID.0 = OID: NETSNMPMIB::netSnmpAgentOIDs.10
DISMANEVENTMIB::sysUpTimeInstance = Timeticks: (372953) 1:02:09.53
SNMPv2MIB::sysContact.0 = STRING: Me <[email protected]>
SNMPv2MIB::sysName.0 = STRING: hostname
SNMPv2MIB::sysLocation.0 = STRING: Sitting on the Dock of the Bay
SNMPv2MIB::sysServices.0 = INTEGER: 72
SNMPv2MIB::sysORLastChange.0 = Timeticks: (1) 0:00:00.01
SNMPv2MIB::sysORID.1 = OID:
SNMPFRAMEWORKMIB::snmpFrameworkMIBCompliance
SNMPv2MIB::sysORID.2 = OID: SNMPMPDMIB::snmpMPDCompliance
and not
.1.3.6.1.2.1.1.1.0 = STRING: Linux hostname 2.6.3811generic #50Ubuntu
SMP Mon Sep 12 21:18:14 UTC 2011 i686
.1.3.6.1.2.1.1.2.0 = OID: .1.3.6.1.4.1.8072.3.2.10
.1.3.6.1.2.1.1.3.0 = Timeticks: (380424) 1:03:24.24
.1.3.6.1.2.1.1.4.0 = STRING: Me <[email protected]>
.1.3.6.1.2.1.1.5.0 = STRING: hostname
.1.3.6.1.2.1.1.6.0 = STRING: Sitting on the Dock of the Bay
.1.3.6.1.2.1.1.7.0 = INTEGER: 72
.1.3.6.1.2.1.1.8.0 = Timeticks: (1) 0:00:00.01
.1.3.6.1.2.1.1.9.1.2.1 = OID: .1.3.6.1.6.3.10.3.1.1
.1.3.6.1.2.1.1.9.1.2.2 = OID: .1.3.6.1.6.3.11.3.1.1
If OIDs appear numerically the required MIB files are missing. Install
them to resolve the problem. E.g. Ubuntu:
$ sudo aptget install snmpmibsdownloader
$ sudo downloadmibs
Execute the snmpwalk command from above again. If the OIDs still appear numerically open
/etc/snmp/snmp.conf and comment out the line
#mibs :
Note
Error message “Unknown Object Identifier” is habitually caused by missing of required standard
MIBs or a bad configuration of snmp client.
108
(2) Check dependencies
Execute the following script from a shell of the server with the GestióIP installation to check if the
dependencies are complied:
http://www.gestioip.net/files/gestioip_snmp_test.tar.gz
Please configure a device and the community directly in the script.
12.1.2 Problems with VLAN discovery
VLAN discovery depends on the Perl module SNMP::Info. VLAN discovery only works with
devices which are supported by SNMP::Info. Consult Netdisco (SNMP::Info) Device Compatibility
Matrix to check if your device is supported
http://netdisco.org/DeviceMatrix.html
Note
Network discovery does not depend in SNMP::Info. SNMP::Info is only required for VLAN
discovery and partially for the host discovery via SNMP.
12.1.3 Problems with network discovery
A fail of the network import via SNMP may be caused by missing MIB files (see 12.1.1) or because
the device does not support the required OIDs.
IPv4 based network import depends on either the OIDs ipCidrRouteDest, ipCidrRouteMask,
ipCidrRouteProto or the OIDs ipRouteDest, ipRouteMask, ipRouteProto.
IPv6 based network import depends on either the OID inetCidrRouteProto or the OID
ipv6RouteProtocol.
You can check if the required ODIs are supported by your device by running the command
snmpwalk (this may take some time):
$ snmpwalk v1 c COMMUNITY IP_ADDRESS_TO_QUERY | grep “inetCidrRouteProto”
…
IPFORWARD
MIB::inetCidrRouteProto.ipv6."fe:80:00:00:00:00:00:00:03:c4:df:f3:fe:95:ac:12".1
28.1.4.ipv6."00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" = INTEGER:
local(2)
...
109
12.2 Database
GestióIP comes with the script “gip_health_check.pl” which executes a couple of consistency
checks for the Mysql database. Before you execute the script you need to configure the database
parameters directly in the script. You find the script in the “script” directory of the GestióIP tarball.
Open it with your favorite editor and configure SID, username, password and the IP of the host
where the database is running.
############################
#### Change from here... ###
############################
my $sid_gestioip="gestioip"; # SID of the GestioIP Mysql database
my $user_gestioip="gestioip"; # GestioIP's database user
my $pass_gestioip ="XXXXXX"; # Password of GestioIP's database user
my $bbdd_host_gestioip="localhost"; # Hostname or IP where the GestioIP Mysql
database is running
############################
#### ... to here ###########
############################
Save and close the script. To execute the script change to the “script” directory and execute the
following command:
$ ./gip_health_check.pl
12.3 Uninstalling GestióIP
GestióIP does not dispose about an automatic deinstallation script. Deinstallation must be
performed manually. GestióIP consists in CGIfiles, the update scripts, the apache configuration
and the Mysql database. To uninstall GestióIP remove this files, disable the Cronjobs (if
configured) and delete GestióIP's database.
Open a shell and execute the following commandos:
• Remove the CGI files:
$ sudo rm r [DocumentRoot]/gestioip
(replace [DocumentRoot] with the DocumentRoot of your Apache web server)
• Disable the cronjobs.
• Remove the script files:
$ sudo rm r /usr/share/gestioip
110
• Remove the apache configuration:
$ sudo rm APACHE_INCLUDE_DIR/gestioip.conf
(e.g. Ubuntu: rm /etc/apache/conf.d/gestioip.conf)
• Remove GestióIP's Apache user file
$ sudo rm APACHE_CONF_DIR/usersgestioip
(e.g. Ubuntu: rm /etc/usersgestoip)
• Delete GestióIP's Mysql database:
Login to mysql CLI:
$ mysql u root p
…
mysql> drop database gestioip;
mysql> exit;
13 Licence
GestióIP is free software. It is distributed under the GNU GENERAL PUBLIC LICENCE version 3
(GPLv3).
111
Appendix A
List of manufactures recognized by GestioIP's SNMP discovery mechanisms (displayed with
icons in hostlistview)
3com, Accton, Actiontec, Adder, Adtran, Aerohive, Aficio, Allied, Alps, Altiga, Alvaco, Anitech,
Apc, Apple, Arista, Arquimedes, Aruba, Asante, Astaro, Avaya, Avocent, Axis, Barracuda, Belair,
Billion, Bluecoat, Broadcom, Brocade, Brother, Calix, Canon, Checkpoint, Cisco, Citrix,
Cyberoam, Dell, Dialogic, Dlink, Dothill, Draytek, Eci, Edgewater, Eeye, Emc, Emerson,
Enterasys, Epson, Ericsson, Extreme, Extricom, F5, Fluke, Force10, Fortinet, Foundry, Fujitsu, Gta,
H3c, Heidelberg, Hitachi, Hp, Huawei, Ibm, Iboss, Imperva, Juniper, Kasda, Kemp, Kodak, Konica,
Lancom, Lanier, Lanner, Lantronix, Lenovo, Lexmark, LG, Liebert, Lifesize, Linksys, Lucent
alcatel, Lucent, Macafee, Megaware, Meru, Microsemi, Microsoft, Mikrotik, Mitsubishi,
Mobileiron, Motorola, Moxa, Multitech, Nec, Netapp, Netgear, Netsweeper, Nitro, Nokia, Nortel,
Novell, Oce, Oki, Olivetti, Olympus, Optibase, Oracle, Ovislink, Packetfront, Paloalto, Panasonic,
Passport, Patton, Peplink, Pica8, Polycom, Procurve, Proxim, Qnap, Radvision, Radware, Rapid7,
Realtek, Redback, Reflex, Ricoh, Riverbed, Riverstone, Ruckus, Samsung, Savin, Seiko_infotec,
Shinko, Siemens, Silverpeak, Sipix, Smc, Sonicwall, Sony, Sourcefire, Star, Stillsecure, Stonesoft,
Storagetek, Sun, Supermicro, Symantec, Tallygenicom, Tandberg, Tenda, Thomson, Tippingpoint,
Toplayer, Toshiba, Ubiquiti, Vegastream, Vidyo, Vmware, Vyatta, Watchguard, Websense,
Westbase, Xante, Xerox, Xiro, Zebra, Zyxel
List of operation systems recognized by GestioIP's SNMP discovery mechanisms (displayed
with icons)
AIX, ArchLinux, CentOS, Debian, Fedora, FreeBSD, FunToo, GenToo, JunOS, Linux, NetBSD,
Netware, OpenBSD, Redhat, Slackware, Solaris, Suse, Ubuntu, Turbolinux, Unix, Windows
GestióIP Copyright © Marc Uebel 2015
112

Documentacion GestioIP 32 en

Uploaded by

Copyright:

Available Formats

Documentacion GestioIP 32 en

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Documentacion GestioIP 32 en

Uploaded by

Copyright:

Available Formats

GestióIP IPAM

Answers to ping? rDNS entry Match ignore or Update? Hostname set to

Octett Decimal hexadecimal

Prefix legth Requiered IPv4 Translation only for translated IPv6 address

parameter description default value

sec_level SNMP security level (noAuthNoPriv, authNoPriv

protocol src address src port dest address dest port

You might also like