Version 7.0 | Last Updated 2017-05-19
Copyright © 2004-2017 NetBrain Technologies, Inc. All rights reserved.
NetBrain® Integrated Edition
How to Access Live Network
2 | How to Access Live Network
How to Access Live Network
Many functions of NetBrain require access to live network and retrieve data from the live network and these
functions include:
▪ Live Network Discovery
▪ Benchmark
▪ Path Discovery
▪ Monitoring
▪ Map-based Live Tools
▪ Tune Live Access
In order to make these functions work, you need to configure the following live network settings in NetBrain
system:
▪ Username/password pairs and privilege passwords - used to remotely connect to devices by using
Telnet/SSH and retrieve live data via CLI commands.
▪ SNMP RO strings - used to access devices via SNMP. Monitoring devices also requires SNMP RO strings.
Tip: These settings are stored in your NetBrain database and the passwords are encrypted. A system administrator can
control whether a user has the live access privilege.
NetBrain Proxy Server uses the credentials to log in to your network devices and retrieve data from the devices by
using SNMP polling and CLI commands. But it never makes any configuration changes to your network.
Live Network Discovery
NetBrain uses a special neighbor-walking algorithm to discover your network. It only uses one Telnet/SSH session
per device and consumes quite lightweight network traffic during a discovery task.
For the quickest and most comprehensive discovery, make sure that the Proxy Server can access your network
with all the following methods selected:
▪ SNMP
▪ Telnet/SSH
The actions that the NetBrain discovery engine takes are:
1. Ping
How to Access Live Network | 3
2. SNMP RO GET to a few OIDs
3. Telnet to port 23 or SSH to port 22, and issue the following commands (here take Cisco Router for an example):
▪ show run
▪ show ip route summary
▪ show ip route
▪ show cdp neighbor
Benchmark
During a benchmark task, NetBrain Proxy Server accesses devices by using Telnet/SSH and issues CLI commands
to retrieve configuration files, route tables, ARP tables, CDP tables, MAC tables and interface information for all
devices in a domain. You can also define your own CLI show commands.
For Cisco IOS devices, the benchmark process issues the following show commands:
▪ show run / show config
▪ show cdp neighbor detail
▪ show interface
▪ show arp
▪ show mac-address-table dynamic
▪ show ip route
▪ customized show commands defined by users
Benchmark data is used to build or update Layer 3 and Layer 2 topology so that your network data in a domain is
always up-to-date. Because benchmark data is a snapshot of your network at a specific time point, it can also be
used for comparison purposes, such as to recall a good network state when you troubleshoot a problem. When
you implement a network change, it is recommended that you execute a benchmark before and after
implementation and compare the two sets of data to find differences, so that you can find any issues caused by
the changes, such as missing routes.
Path Discovery
Starting from two end points, you can discover and map an application path. Depending on the method used to
discover the path, the system will retrieve route information via SNMP or CLI from live network:
▪ If retrieving route information via SNMP, it will only retrieve routes related to the destination rather than the
entire route table.
4 | How to Access Live Network
▪ If retrieving route tables via CLI, it will issue show commands such as show ip route to get the whole route
tables.
Tip: You can also select to find the historical path based on historical route tables.
Monitoring
The Monitoring function uses SNMP polling to retrieve performance data from live network, such as CPU, memory,
interface delay, bandwidth usage and so on.
Map-based Live Tools
When you run a map-based live tools, NetBrain Proxy Server will access devices by using Telnet/SSH and issues CLI
show commands to retrieve data from live network:
▪ Monitor Qapp – retrieve live data from your network and display the real-time data on map.
▪ Execute CLI Commands – access devices by using SSH/Telnet and issue customized CLI commands to
retrieve live data for devices on a map.
▪ Retrieve Live Data - access devices by using SSH/Telnet and retrieve live data in batches and save the data in
a specified data folder for further use, including the live configuration, route table, MAC table, device
properties and other information.
Tune Live Access
Tuning Live Access enables you to check the reachability of live devices by polling the credentials configured in the
Network Settings as well as verify the properties changes of your network devices, such as credentials, hostname,
vendor and model information. Tuning Live Access only attempts to log in to network devices by using Telnet/SSH
and polling the credentials and gets some device properties by using SNMP but will not issue any CLI commands
to retrieve live data after login.
CLI Commands
If show commands can be issued in a non-privileged mode, then the system will not enter the privileged mode.
Otherwise the system has to enter the privileged mode to issue show commands. NetBrain does not make any
network configuration changes.
Appendix: Supported CLI Commands
NetBrain is consistently adding more "read only" CLI commands to support more features. Here is a list of CLI
commands being used (but not limited to) in Integration Edition.
How to Access Live Network | 5
Note: The variable '$VrfName' in the following table means the name of a vrf.
Device Types CLI Commands in Device Driver Script CLI Commands in NCT Tables
3Com/H3C Switch display arp
display arp all
display arp vpn-instance $VrfName
display brief interface
display current-configuration
display device
display device manuinfo
display ip routing-table
display ip routing-table vpn-instance $VrfName
display lldp neighbor-information
display mac-address
display port-security mac-address security
display version
N/A
A10 Load Balancer show arp
show run
show interface brief
show ip arp vrf $VrfName
show ip route
show ip route mgmt
show ip route vrf $VrfName
show lldp neighbor
show mac-address-table
show version
N/A
Adtran Switch show arp
show interface description
show interface status
show ip inter brief
show ip route
show lldp neighbor detail
show mac address-table
show mac-address-table
show run
show version
N/A
Adva Optical Switch show arp-entries
show ip-routes
show sys
N/A
6 | How to Access Live Network
Device Types CLI Commands in Device Driver Script CLI Commands in NCT Tables
Alcatel-Lucent Omni Switch show amp
show arp
show arp vrf $VrfName
show interface status
show interfaces port
show ip routes vrf $VrfName
show ip routes
show lldp remote-system
show mac-address-table
show mac-address-table learned
show mac-learning
show module long
show system
write terminal
N/A
Alcatel-Lucent Service
Router
admin display-config
show chassis
show mda detail
show router arp
show router arp $VrfName
show router fib 1
show router interface detail
show router route-table
show router $VrfName route-table
show router $VrfName fib 1
show port detail
show system
show router ldp bindings active
show router bgp routes vpn-ipv4 hunt
show router rsvp session detail
show router rsvp session originate detail
admin display-config
show router bgp routes vpn-ipv4 detail
Alcatel-Lucent OmniStack
SW
show amap
show arp
show bridge address-table
show interfaces status
show lldp neighbors
show running-config
show system
show version
N/A
Arista Switch show arp
show interface
show interface status
show ip route
show lldp neighbors detail
show mac address-table
show mac-address-table
show run
show version
show crypto ipsec sa
show ip bgp summary
show ip bgp summary vrf $VrfName
show ip interface brief
show ip mroute
show ip nat translations
show ip ospf neighbor
show ip pim neighbor
show isis neighbors
show mpls lfib route
show name
show run
show vrf
Arris CMTS Router show arp
show arp vrf $VrfName
show ip route vrf default
show ip route vrf $VrfName
N/A
How to Access Live Network | 7
Device Types CLI Commands in Device Driver Script CLI Commands in NCT Tables
show running-config
show version
Aruba IAP show arp
show datapath bridge
show ip interface brief
show ip route
show running-config
show version
N/A
Aruba LWAP show run all N/A
Aruba WLC show ap database long
show arp
show datapath bridge
show inventory
show ip route
show lldp neighbor
show running-config
show version
N/A
Avaya Secure Router show arp
show interfaces
show ip route
show run
show sys config
N/A
Avaya Switch show arp-table
show autotopology nmm-table
show interfaces
show ip address
show lldp neighbor
show mac-address-table
show run
show sys-info
N/A
Avaya VSP show arp-table
show autotopology nmm-table
show ip route
show ip route vrf $VrfName
show running-config
show sys-info
show vlan mac-address-entry
N/A
Bluecoat show config noprompts
show ip-default-gateway
show version
N/A
Brocade ADX show arp
show fdp neighbors detail
show interfaces brief
show ip route
show mac-address
show run
show version
N/A
Brocade Switch show arp
show arp $VrfName
show fdp neighbors detail
show interface brief
show ip bgp vpnv4 tags
show ip vrf
show mpls forwarding
8 | How to Access Live Network
Device Types CLI Commands in Device Driver Script CLI Commands in NCT Tables
show ip route
show ip interface
show ip route vrf $VrfName
show lldp neighbors detail
show mac-address
show mpls lsp
show run
show version
Brocade VDX Switch show arp
show fdp neighbors detail
show interface status rbridge-id all
show ip interface
show ip route
show lldp neighbors detail
show mac-address
show run
show version
N/A
Brocade Vyatta vRouter show arp
show configuration all
show ip route
show lldp neighbors detail
show version
N/A
Calix B-Series show arp
show ip route
show run
show version
N/A
Calix E-Series show interface
show mac
show mgmt-cfg
show system
show version
show vlan members
N/A
CASA CMTS show arp
show ip route
show run
show version
N/A
Checkpoint Gaia Firewall cphaprob -a if
dmidecode
fw ver
grep 'Serial Number'
show arp dynamic all
show arp static all
show configuration
show interfaces all
show route all
show virtual-system
show virtual-system all
show vsx
N/A
Checkpoint SPLAT Firewall arp -a
arp -n -v
arp -n -v -z $VrfName
cphaprob -a if
N/A
How to Access Live Network | 9
Device Types CLI Commands in Device Driver Script CLI Commands in NCT Tables
dmidecode
fw ver
fw vsx stat -l
grep 'Serial Number'
head -1
ifconfig -a
netstat -rn
route -n -v
route -n -v -z $VrfName
Ciena Carrier Ethernet
Switch
arp show
configuration show
flow show mac‐ addr
interface show
lldp show neighbors
port show
N/A
Cisco ACE Load Balancer show arp
show cdp neighbor detail
show interface description
show interface status
show inventory
show ip interface brief
show ip route
show mac-address-table
show mac address-table
show module
show module switch all
show run
show version
show serverfarm detail
show service-policy detail
Cisco ASA Firewall show arp
show cluster info
show failover
show interface stats
show inventory
show ip address management
show mode
show module
show mac-address-table
show name
show route
show run
show switch mac-address-table
show version
show crypto ipsec sa
show name
show version
show nat
show xlate
write terminal
Cisco Catalyst Switch show cam dynamic
show cam static
show cdp neighbor detail
show config
show inventory
show module
show port status
show version
N/A
Cisco CSS show arp N/A
10 | How to Access Live Network
Device Types CLI Commands in Device Driver Script CLI Commands in NCT Tables
show bridge forwarding
show ip routes
show running-config
Cisco IOS XR Router admin show inventory
show arp
show arp $vrfname
show cdp neighbor detail
show interface description
show interfaces
show inventory
show ip interface brief
show lldp neighbor detail
show module
show module switch all
show route
show route vrf $vrfname
show run
show version
show bgp summary
show bgp vpnv4 unicast labels
show bgp vpnv4 unicast summary
show bgp vrf $VrfName summary
show eigrp neighbors
show ipv4 interface brief
show ipv4 vrf $VrfName interface brief
show isis neighbors
show ospf neighbor
show pim ipv4 neighbor
show route ipv6
show run
show running-config
show mpls forwarding
show mpls ldp neighbor
show mpls traffic-eng tunnels detail
show mrib ipv4 route detail
show mrib vrf $VrfName ipv4 route detail
show vrf all detail
Cisco IOS Switch show arp
show cdp neighbor detail
show interface
show interface brief
show interface status
show interface description
show inventory
show ip arp vrf $VrfName
show ip interface brief
show ip redirects
show ip route
show ip route vrf $VrfName
show lldp neighbor
show mac address-table
show mac-address-table
show run
show module
show version
show clns neighbors
show crypto ipsec sa
show ip bgp summary
show ip bgp vpnv4 all label
show ip bgp vpnv4 all summary
show ip bgp vpnv4 vrf $VrfName
summary
show ip cache verbose flow
show ip eigrp neighbors
show ip interface brief
show ip mroute
show ip mroute vrf $VrfName
show ip nat translations
show ip ospf neighbor
show ip pim neighbor
show ip vrf
show ipv6 route
show mpls forwarding-table
show mpls ldp neighbor
show mpls traffic-eng tunnels
show name
show run
Cisco Nexus Switch show cdp neighbor detail
show interface status
show interfaces
show inventory
show ip arp
show ip arp vrf all
show ip arp vrf arp‐ name
show ip route
show bgp vpnv4 unicast labels
show fabricpath route
show hardware flow ip module*
show interface terse
show ip bgp summary
show ip bgp vrf $VrfName summary
show ip eigrp neighbors
show ip mroute
How to Access Live Network | 11
Device Types CLI Commands in Device Driver Script CLI Commands in NCT Tables
show ip route vrf all
show ip route vrf‐ name
show mac address‐ table
show mac‐ address‐ table
show module
show run
show spanning‐ tree blockedports
show version
terminal length 0
show ip mroute vrf $VrfName
show ip ospf neighbor
show ip pim neighbor
show ipv6 route
show isis adjacency
show module
show mpls ldp neighbor
show mpls switching
show running-config
show vdc detail
show vrf
Cisco MDS show cdp neighbor detail
show interface status
show inventory
show ip arp
show ip route
show lldp neighbor detail
show module
show module fex
show run all
show version
N/A
Cisco PIX Firewall show arp
show failover
show inventory
show mode
show name
show route
write terminal
show version
show crypto ipsec sa
show name
show nat
show version
show xlate
write terminal
Cisco Router show arp
show cdp neighbor detail
show interface description
show interface status
show inventory
show ip arp vrf $VrfName
show ip interface brief
show ip route
show ip route vrf $VrfName
show lldp neighbor
show run
show version
show clns neighbors
show crypto ipsec sa
show run
show ip bgp summary
show ip bgp vpnv4 all label
show ip bgp vpnv4 all summary
show ip bgp vpnv4 vrf $VrfName
summary
show ip cache verbose flow
show ip eigrp neighbors
show ip interface brief
show ip mroute
show ip mroute vrf $VrfName
show ip nat translations
show ip ospf neighbor
show ip pim neighbor
show ip vrf
show ipv6 route
show mpls forwarding-table
show mpls ldp neighbor
show mpls traffic-eng tunnels
show name
12 | How to Access Live Network
Device Types CLI Commands in Device Driver Script CLI Commands in NCT Tables
Cisco Small Business Switch show arp
show cdp neighbor detail
show interface status
show ip route
show ip redirects
show ip route vrf $VrfName
show lldp neighbor
show mac address-table
show run
show system id
show version
N/A
Cisco UBR show arp
show cdp neighbor detail
show interface description
show interface status
show inventory
show ip arp vrf $VrfName
show ip interface brief
show ip route
show ip route vrf $VrfName
show run
show version
N/A
Cisco UCS Fabric show cdp neighbor detail
show interface status
show inventory
show lldp neighbor detail
show mac-address-table
show mac address-table
show module
show module fex
show run all
show version
N/A
Cisco VDS show arp
show inventory
show ip route
show ip route $VrfName
show run
show version
N/A
Cisco WAAS show arp
show cdp neighbors detail
show inventory
show ip route
show run
show version
N/A
Cisco WAP show cdp neighbor detail
show dot11 association
show inventory
show ip interface brief
show run
show version
N/A
Cisco WLC show arp switch
show cdp neighbors detail
N/A
How to Access Live Network | 13
Device Types CLI Commands in Device Driver Script CLI Commands in NCT Tables
show inventory
show port detail
show route summary
show run-config
show run-config commands
show running-config
show stats port summary
show sysinfo
Dell Force10 Switch show arp
show arp switch
show interface status
show inventory
show ip interface brief
show ip route
show lldp neighbors detail
show mac‐ addr‐ table
show mac‐ address‐ table
show run
show version
N/A
Dell PowerConnect
/Networking Switch
show arp
show bridge address-table
show interface status
show ip route
show isdp neighbors detail
show lldp neighbors
show lldp remote-device all
show mac-address-table
show mac address-table
show run
show version
N/A
Dell Sonicwall show arp cache
show current-config default
show routing nsm database
show status
show version
N/A
Dlink Switch show arp
show bridge address-table
show interface status
show run
show system
show system id
show version
show vlan
N/A
Enterasys Switch show arp
show config
show ip route
show mac
show neighbors wide
show neighbors
N/A
Extreme Switch show config
show edp
show bgp routes vpnv4 detail all
show mpls ldp lsp
14 | How to Access Live Network
Device Types CLI Commands in Device Driver Script CLI Commands in NCT Tables
show edp ports all
show fdb
show iparp
show iparp vr $VrfName
show iproute
show iproute vr $VrfName
show lldp neighbor detail
show lldp neighbor
show policy detail
show ports no-refresh
show slot
show version
show mpls rsvp-te lsp detail
F5 Load Balancer grep %$VrfName
show net arp all
show net arp all | grep '%$VrfName\>'
show net route all
show net route recursive all
show running-config recursive all-properties | grep '.*'
show sys
show sys version
show ltm virtual detail
show ltm virtual detail recursive
show running-config ltm virtual recursive
show running-config ltm virtual
Fortinet FortiGate Firewall get router info routing-table all
get system arp
get system status
show
show system interface
get system session list
show config system global
show crypto ipsec sa
show name
show
Fujitsu Switch show arp
show bridge
show chassis
show ip route
show run
show system information
show version
N/A
GigaVUE-OS show interfaces
show ip route
show running-config
N/A
Hirschmann Switch show arp switch
show lldp remote‐ data
show mac‐ addr‐ table all
show network
show running‐ config
show sysinfo
N/A
HP ProCurve Switch show arp
show cdp neighbors detail
show interfaces
show interfaces brief
show ip route
show lldp info remote all
show mac‐ address
show modules
show running‐ config
show system-information
N/A
Huawei Switch display arp N/A
How to Access Live Network | 15
Device Types CLI Commands in Device Driver Script CLI Commands in NCT Tables
display arp vpn-instance $VrfName
display current-configuration
display device
display interface brief
display ip routing-table
display ip routing-table vpn-instance $VrfName
display lldp neighbor
display mac-address
display version
IBM Switch show arp all
show ip route
show lldp remote-device
show mac-address-table
show running-config
show version
N/A
Juniper EX Switch show arp no-resolve |no-more
show arp vpn $VrfName no-resolve |no-more
show chassis fabric connectivity
show chassis hardware | no-more
show config|no‐ more
show configuration fabric
show interface terse|no‐ more
show interfaces terse | no-more
show interface statistics | no-more
show lldp neighbors|no-more
show route table inet.0|no-more
show route table $VrfName.inet.0|no-more
show version | no-more
show bgp neighbor
show bgp neighbor instance *
show bgp summary
show bgp summary instance *
show configuration
show configuration routing-instance
show configuration routing-instances
show interface terse
show isis adjacency
show ldp neighbor detail
show ospf neighbor
show pim neighbors
show pim join extensive
show pim join extensive instance *
show route table mpls.0 detai
show route table bgp.l3vpn.0 detail
Juniper Router show arp no-resolve |no-more
show arp vpn $vfName no-resolve | no-more
show chassis hardware | no‐ more
show config|no‐ more
show interface statistics | no‐ more
show interface terse|no‐ more
show lldp neighbors | no‐ more
show route summary
show route table inet.0 | no‐ more
show route table $VrfName.inet.0|no-more
Show version | no‐ more
show bgp neighbor
show bgp neighbor instance *
show bgp summary
show bgp summary instance *
show configuration
show configuration routing-instance
show configuration routing-instances
show crypto ipsec sa /show name
show interface terse
show isis adjacency
show ldp neighbor detail
show ospf neighbor
show pim join extensive
show pim join extensive instance *
show pim neighbors
show route table mpls.0 detai
show route table bgp.l3vpn.0 detail
show run
show security ipsec security-associations
detail
16 | How to Access Live Network
Device Types CLI Commands in Device Driver Script CLI Commands in NCT Tables
Juniper SRX Firewall show arp no-resolve |no-more
show arp vpn $VrfName no-resolve |no-more
show chassis hardware | no-more
show configuration | no-more
show configuration groups junos-defaults applications |
no-more
show interface statistics | no-more
show interfaces terse | no-more
show lldp neighbors|no-more
show route table inet.0|no-more
show route table $VrfName.inet.0|no-more
show version | no-more
show bgp neighbor
show bgp neighbor instance *
show bgp summary
show bgp summary instance *
show config|no-more
show configuration
show configuration routing-instance
show configuration routing-instances
show crypto ipsec sa
show isis adjacency
show interface terse
show ldp neighbor detail
show name
show ospf neighbor
show pim join extensive
show pim join extensive instance *
show pim neighbors
show route table mpls.0 detai
show route table bgp.l3vpn.0 detail
show run
show security ipsec security-associations
detail
MikroTik RouterOS /interface bridge host print
/interface ethernet switch mac-based-vlan print
/ip address print
/ip arp print
/ip neighbor print detail terse
/ip route print detail terse
/system resource print
/system routerboard print
export verbose
N/A
MRV Switch show arp
show fib
show interface detail
show ip route
show ip route $VrfName
show port detail
show run
show version
N/A
NetScaler Balancer show arp
show bridgetable
show ha node
show interface description
show interface status
show inventory
show ip interface brief
show module
show module switch all
show route
show running
show version
show lb vserver -summary -fullValues
NetScreen Firewall get config show crypto ipsec sa
How to Access Live Network | 17
Device Types CLI Commands in Device Driver Script CLI Commands in NCT Tables
get interface
get zone
get vrouter $vr-name route
get arp | include $vr-name
get system
get vsys
show name
get vpn
get config
Nortel ERS Switch show bootconfig config
show config
show ip arp info
show ip arp info vrf $VrfName
show ip route info
show ip route info vrf $VrfName
show ports info interface
show sys topology
N/A
Nortel ESU Switch show arp-table
show autotopology nmm-table
show fdb
show ip route
show mac-address-table
show run
N/A
Palo Alto Firewall show arp all
show config merged
show interface all
show interface hardware
show mac all
show running nat-policy
show running pbf-policy
show running security-policy
show routing route virtual-router default
show routing route virtual-router $VrfName
show system info
show crypto ipsec sa
show name
show vpn flow
show run
Radwin Radio display ethernet
display inventory
display management
N/A
Redback Router show arp-cache
show chassis
show configuration
show context all
show hardware
show ip route
show version
N/A
Riverbed WAN Optimizer show arp
show info
show interfaces configured
show ip route
show running‐ config
N/A
Rugged RS(G) Switch sql select * from GatewayCfg
sql select * from ipAddrTable
sql select * from LldpRemTbl
sql select * from macAddresses
sql select * from productInfo
N/A
18 | How to Access Live Network
Device Types CLI Commands in Device Driver Script CLI Commands in NCT Tables
sql select * from systemId
sql select * from vlanPortCfg
RuggedCom ROX Switch show chassis chassis-status
show chassis hardware
show interface description
show interface status
show ip interface brief
show module
show module switch all
show running-config
show routing | tab
show switch mac-tables
show switch net-discovery | tab
show version
N/A
Sidewinder Firewall
(Mcafee)
arp -a
netstat -rn||ifconfig -a
N/A
Silver Peak WAN Optimizer show arp
show cdp neighbors
show interfaces configured
show ip route
show run
show system
show version
N/A
SMC Switch show arp
show interface
show interface description
show interface status
show inventory
show ip interface brief
show lldp info remote-device
show mac-address-table
show module
show module switch all
show run
show version
N/A
T-Marc 300 Series show ip arp
show ip route
show lldp remote-system-data
show mac-address-table
show run
show version
N/A
Tellabs Router show arp
show arp vrf $VrfName
show hw-inventory
show ip interface brief
show ip route
show ip route $VrfName
show running-config
N/A
Tellabs Switch show ip arp
show ip route
show ip route $VrfName
show mac dynamic
N/A
How to Access Live Network | 19
Device Types CLI Commands in Device Driver Script CLI Commands in NCT Tables
show run
show system information
Uplogix LMS show system ip N/A
Xirrus Wireless Array show arp
show cdp neighbors
show mac-table
show route
show running-config
show stations
N/A