SlightlyLoony
Tera Contributor

When Discovery explores your networks, one of the methods it uses is the Simple Network Management Protocol (SNMP). When a device at an IP address responds to SNMP, the first thing Discovery has to do is answer this (seemingly simple) question: What is that thing?

The reason this isn't as straightforward as you might think is that SNMP provides no method to ask a device "What are you?" Instead, SNMP lets you explore a device's capabilities — and from them, you can infer what sort of thing it is.

Discovery handles this process by (a) figuring out a device's capabilities, and (b) providing a list of SNMP Classifiers (Discovery Definition → SNMP) that determine how to classify a device with any given set of capabilities. The rules inside these classifiers are available for you to look at — and like everything else in our product, you can add, delete, and modify them.

The screenshot at right shows the out-of-the-box SNMP classifiers. Discovery always launches an SNMP Classify/Identify probe against any IP address that responds to SNMP. The matching sensor analyzes the response, and from it determines what capabilities the device has. Then it runs through these SNMP classifiers, in order, until it finds one that matches.

As I write this, Discovery analyzes these capabilities (all of which are either true or false):

  • switching: the device is capable of switching IP packets (i.e., a network switch)
  • vlan: the device is capable of hosting virtual LANs (i.e., a network switch that can be partitioned)
  • routing: the device is capable of routing IP packets between 2 or more interfaces (i.e., a network router)
  • powering: the device is capable of powering other devices (i.e., a UPS)
  • printing: the device is capable of printing
  • hosting: the device is capable of hosting applications (i.e., a server)

The Standard Network Router classifier is shown at right. Toward the bottom you can see the criteria this classifier is looking at. Remember that these classifiers are run in order — and before this one, the Standard Network Switch classifier has already run. This classifier will only run if the device Discovery is looking at is not a switch. In that case, if the device can't host, can't print, but can route — then Discovery will infer that it is a router. The first consequence is that the device will be classified into the IP Router table (controlled by the setting at the top right of the form). If we could infer the make and model, those could be set by the two fields below that. Finally, at the very bottom of the form is the list of probes that will be launched (presuming their condition script is satisfied).

There's one additional twist to the SNMP classification process. This takes advantage of a standard piece of SNMP information: the System OID (see this post for more about SNMP and OIDs). The SNMP standard calls for the System OID to have a different value for each make and model of device. Most manufacturers do a good job of following this standard, but unfortunately not all of them — some renegade manufacturers have the same System OID for many different models, or even for different kinds of devices. A few truly evil manufacturers use the same System OID for every device they make.

Discovery captures the System OID from every SNMP device, and shows it at the end of the short description field. Here's an example: the System OID for a Cisco 2912XL switch is 1.3.6.1.4.1.9.1.219. The first seven numbers in that string (the "1.3.6.1.4.1.9.") uniquely identify the manufacturer as Cisco; the numbers following are the Cisco-assigned number for that model of switch. Now if only we had a way to use that System OID to help Discovery figure out what that thing is...

Ah, but we do (of course)! At right you can see some of the SNMP System OIDs list (Discovery Definition → SNMP System OIDs) that comes out-of-the-box. Every time Discovery explores an SNMP device, it grabs the System OID and looks in this list to see if it can find it. When it does find a matching entry, Discovery uses the table classification, manufacturer, and model fields to add more information to the record for the device in the CMDB.

The reason for the table field is to take care of an otherwise ambiguous situation that most commonly arises with routers and switches. Network gear is getting more and more capable all the time, and these days it's fairly common to find switches that can also act as a router (commonly called "Layer 3 switches"), and routers that can act as a switch (usually through an optional plug-in switching module). These devices have both routing and switching capability — hence the ambiguity about how to classify them. The default classification for such a device is a switch — but through the SNMP System OID list you can override that default for any specific System OID.
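The flow described above (ordered, first-match classifiers followed by a System OID lookup that can override the table) can be modeled in a few lines of JavaScript. This is an added illustration, not ServiceNow's own code: the switch criteria, the table labels, the `classify` and `enterpriseNumber` helpers, and the second OID entry are assumptions made for the example.

```javascript
// Simplified model of the classification flow; not ServiceNow code.
// Classifiers are evaluated in order and the first match wins.
const CLASSIFIERS = [
  { name: 'Standard Network Switch', table: 'IP Switch',
    criteria: { switching: true } },                 // assumed criteria
  { name: 'Standard Network Router', table: 'IP Router',
    criteria: { hosting: false, printing: false, routing: true } },
];

// Model of the SNMP System OIDs list, keyed by the exact System OID.
const SYSTEM_OIDS = new Map([
  ['1.3.6.1.4.1.9.1.219',
    { table: 'IP Switch', manufacturer: 'Cisco', model: '2912XL' }],
  // Constructed entry: a Layer 3 switch we want filed as a router.
  ['1.3.6.1.4.1.99999.1.1',
    { table: 'IP Router', manufacturer: 'ExampleCo', model: 'L3-1' }],
]);

const ENTERPRISE_PREFIX = '1.3.6.1.4.1.';
const normalize = (oid) => String(oid).replace(/^\./, '');

// Returns the manufacturer's enterprise number (9 for Cisco), or null
// when the OID does not sit under the enterprise prefix.
function enterpriseNumber(oid) {
  const clean = normalize(oid);
  if (!clean.startsWith(ENTERPRISE_PREFIX)) return null;
  const first = clean.slice(ENTERPRISE_PREFIX.length).split('.')[0];
  return /^\d+$/.test(first) ? Number(first) : null;
}

// caps: { switching, vlan, routing, powering, printing, hosting } booleans.
function classify(caps, systemOid) {
  const hit = CLASSIFIERS.find((c) =>
    Object.entries(c.criteria).every(([k, v]) => Boolean(caps[k]) === v));
  const result = {
    classifier: hit ? hit.name : null,
    table: hit ? hit.table : null,
    manufacturer: null,
    model: null,
  };
  // A matching System OID record adds make/model and may override the table.
  const entry = SYSTEM_OIDS.get(normalize(systemOid));
  if (entry) Object.assign(result, entry);
  return result;
}
```

A device reporting both `switching` and `routing` matches the switch classifier first, so it only lands in the router table when its System OID has a record saying so.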

You can (and should!) add records to this list for the devices on your network. Remember that the short description field will show the System OID for any devices Discovery finds via SNMP — and then you can use that piece of information to create your own records in this list to tell Discovery "That's what that thing is!"