The network topology report may not always be entirely accurate because of limitations on the data runZero can gather.
When SNMP data is available, runZero pulls a snapshot of the SNMP data from each device when it is scanned, then uses that snapshot to build the topology. However, in complicated environments a single infrequent snapshot is often not enough to show a complete picture, and links may end up missing. In addition, only recent SNMP data is used: if devices have not been scanned in the last 9 days, their SNMP topology data will not be used.
When there's no SNMP information, runZero will attempt to compute topology based on which switch claims to have seen the MAC, which may not always be the nearest access switch. Our algorithm looks for the port with the fewest shared MACs to find the best match, but that depends on the switch cache timeouts and how the switch was scanned, so there may be links shown that don't exist as direct physical connections.
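A sketch of the fewest-shared-MACs heuristic described above, added here as an illustration and not runZero's code. The forwarding tables, switch and port names, and function names are constructed, and "shared MACs" is assumed to mean the other MACs learned on the same port.

```python
# Illustrative sketch only: not runZero's implementation.
# Constructed sample forwarding tables: switch -> port -> MACs learned on that port.
FDB = {
    "core-sw": {
        "Gi1/0/1": {"aa:00:00:00:00:01", "aa:00:00:00:00:02", "aa:00:00:00:00:03"},
        "Gi1/0/2": {"aa:00:00:00:00:04"},
    },
    "access-sw": {
        "Gi0/1": {"aa:00:00:00:00:01"},
        "Gi0/2": {"aa:00:00:00:00:02", "aa:00:00:00:00:03"},
        "Gi0/24": {"aa:00:00:00:00:04"},
    },
}


def candidate_ports(fdb, mac):
    """Return (shared_count, switch, port) for every port that has seen mac."""
    mac = mac.lower()
    found = []
    for switch, ports in fdb.items():
        for port, macs in ports.items():
            seen = {m.lower() for m in macs}
            if mac in seen:
                found.append((len(seen) - 1, switch, port))
    return sorted(found)


def best_attachment(fdb, mac):
    """Pick the port sharing the fewest other MACs; None if no switch saw mac."""
    ranked = candidate_ports(fdb, mac)
    if not ranked:
        return None
    shared, switch, port = ranked[0]
    # A tie on the lowest count means the data cannot tell the ports apart.
    ambiguous = len(ranked) > 1 and ranked[1][0] == shared
    return {"switch": switch, "port": port, "shared": shared, "ambiguous": ambiguous}


def expire_entry(fdb, switch, mac):
    """Copy of fdb with mac aged out of one switch's cache (cache timeout)."""
    return {
        sw: {p: (m - {mac} if sw == switch else set(m)) for p, m in ports.items()}
        for sw, ports in fdb.items()
    }
```

Aging a MAC out of access-sw with expire_entry leaves the core-sw uplink port as the only candidate, which is how a reported link can fail to match a direct physical connection.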
Cisco Catalyst devices
SNMPv3 on Cisco Catalyst devices will not let you pull the bridge port information that we need unless you specifically enable per-VLAN access.
SNMP v3 access to VLAN ARP/FDB tables requires this access rule:
Newer IOS: snmp-server group YourGroupName v3 auth context vlan- match prefix
Older IOS: snmp-server group YourGroupName v3 auth context vlan-1 (repeated for every VLAN)
Note that even after this is done, runZero will need to send a separate SNMP request for every VLAN. This can significantly slow down scans with SNMP enabled on a network with many Catalyst devices.