Feature request: Topology view

waxhead · April 21, 2020, 01:52:18 AM

I think it would be nice (and useful) if OPNssense had a topology view somewhere.
For example you could use a description linked to the MAC address / DHCP lease and build a table that describes the topology and what is connected to what.

Would this be interesting? I think it can be very useful for both small and larger networks, it could also be expandable with links to firewall rules, traffic stats, etc....

+------------+------+----------+---------------------------------+
| The ether | WAN | OPNsense | Switch48p_VLAN1 |
| | | +--+------------------------------+
| | | | | LAN |
| | | | +--+---------------+-----------+
| | | | | | server01_file | |
| | | | | +---------------+-----------+
| | | | | | server02_www | |
| | | | | +---------------+-----------+
| | | | | | workstation01 | |
| | | | | +---------------+-----------+
| | | | | | workstation02 | |
| | | +--+--+---------------+-----------+
| | | | Switch48p_VLAN2 |
| | | +--+------------------------------+
| | | | | OPT1_PUB |
| | | | +--+---------------+-----------+
| | | | | | server03_file | |
| | | | | +---------------+-----------+
| | | | | | server04_www | |
| | | | | +---------------+-----------+
| | | | | | server05_ftp | |
| | | +--+--+---------------+-----------+
| | | | Switch48p_VLAN3 |
| | | +--+------------------------------+
| | | | | OPT2_WIFI |
| | | | +--+---------------------------+
| | | | | | rpi_ap1 |
+------------+------+ | | +---------------+-----------+
| Cosmos | WAN2 | | | | | Cellphone |
+------------+------+ | | | +-----------+
| Multiverse | WAN3 | | | | | Laptop |
| | | | | +---------------+-----------+
| | | | | | rpi_ap2 |
| | | | | +---------------+-----------+
| | | | | | | Guest01 |
+------------+------+----------+--+--+---------------+-----------+

mimugmail · April 21, 2020, 05:58:11 AM

There are tools available which can do this, to run them on OPN would be overkill :(

waxhead · April 21, 2020, 01:47:19 PM

Quote from: mimugmail on April 21, 2020, 05:58:11 AM
There are tools available which can do this, to run them on OPN would be overkill :(

And exactly why would this be overkill?! If you can disable and/or set a polling interval it should not consume much resources.
Besides - OPNsense is made to be extended right?

What other tools can easily achieve this?

hbc · April 21, 2020, 02:04:27 PM

It's a job for network managment and monitoring systems. They usually search arp tables, lookup cdp and lldp via SNMP to create network maps.

A firewall should not scan your network. It should protect it.

mimugmail · April 21, 2020, 09:52:59 PM

Quote from: waxhead on April 21, 2020, 01:47:19 PM
Quote from: mimugmail on April 21, 2020, 05:58:11 AM
There are tools available which can do this, to run them on OPN would be overkill :(

And exactly why would this be overkill?! If you can disable and/or set a polling interval it should not consume much resources.
Besides - OPNsense is made to be extended right?

What other tools can easily achieve this?

LibreNMS or Netdisco e.g. but they have too many dependencies to run inside OPNsense

hbc · April 21, 2020, 10:06:24 PM

Somebody who has so many devices, that he needs a tool for topology mapping, should be able to afford a dedicated server for this tool easily.

Netdisco really rocks. I use it a lot to lookup mac addresses and like the history function for former connections.

Feature request: Topology view

waxhead

April 21, 2020, 01:52:18 AM

mimugmail

April 21, 2020, 05:58:11 AM #1

waxhead

April 21, 2020, 01:47:19 PM #2

hbc

April 21, 2020, 02:04:27 PM #3

mimugmail

April 21, 2020, 09:52:59 PM #4

hbc

April 21, 2020, 10:06:24 PM #5