starred/netbox
1
0
Fork 0
mirror of https://github.com/netbox-community/netbox.git synced 2026-01-11 21:10:29 +01:00
Code Issues 273 Packages Projects Releases 10 Wiki Activity

Napalm broken since 2.8.9-ldap or before #4202

New Issue
Closed
opened 2025-12-29 18:33:50 +01:00 by adam · 5 comments
adam commented 2025-12-29 18:33:50 +01:00
Owner
Copy Link

Originally created by @guillaume-harvey on GitHub (Oct 20, 2020).

Using Napalm CLI from netbox container is working perfectly:

 napalm --user ***** --password ********* --vendor junos 10.65.41.30 call get_lldp_neighbors_detail
{
    "ge-0/0/47": [
        {
            "parent_interface": "-",
            "remote_port": "MgmtEth0/RP0/CPU0/0",
            "remote_chassis_id": "9C:E1:76:70:18:D9",
            "remote_port_description": "",
            "remote_system_name": "tor-29.wnpgmb01",
            "remote_system_description": "6.6.3, NCS-5500",
            "remote_system_capab": [
                "router"
            ],
            "remote_system_enable_capab": [
                "router"
            ]
        }
    ],
    "xe-0/2/0": [
        {
            "parent_interface": "ae0",
            "remote_port": "xe-0/0/21",
            "remote_chassis_id": "CC:E1:94:CA:7E:E0",
            "remote_port_description": "mtw29-winnipeg01  xe-0/2/0 Mgmt",
            "remote_system_name": "mtw0-0-winnipeg01",
            "remote_system_description": "Juniper Networks, Inc. qfx5100-48s-6q Ethernet Switch, kernel JUNOS 14.1X53-D42.3, Build date: 2017-02-14 20:10:57 UTC Copyright (c) 1996-2017 Juniper Networks, Inc.",
            "remote_system_capab": [
                "bridge",
                "router"
            ],
            "remote_system_enable_capab": [
                "bridge",
                "router"
            ]
        }
    ],
    "xe-0/2/1": [
        {
            "parent_interface": "ae0",
            "remote_port": "xe-1/0/21",
            "remote_chassis_id": "CC:E1:94:CA:7E:E0",
            "remote_port_description": "mtw29-winnipeg01  xe-0/2/1 Mgmt",
            "remote_system_name": "mtw0-0-winnipeg01",
            "remote_system_description": "Juniper Networks, Inc. qfx5100-48s-6q Ethernet Switch, kernel JUNOS 14.1X53-D42.3, Build date: 2017-02-14 20:10:57 UTC Copyright (c) 1996-2017 Juniper Networks, Inc.",
            "remote_system_capab": [
                "bridge",
                "router"
            ],
            "remote_system_enable_capab": [
                "bridge",
                "router"
            ]
        }
    ]
}

Even using the API it is still working

curl "https://netbox.<domain>/api/dcim/devices/2140/napalm/?method=get_lldp_neighbors_detail" -H "Authorization: Token 12e1bae111f6057b1bc9924baf118b5288ff91e3" -H "Content-Type: application/json" -H "Accept: application/json; indent=4" -H "X-NAPALM-Username: ******" -H "X-NAPALM-Password: ***********" -k
{
    "get_lldp_neighbors_detail": {
        "ge-0/0/47": [
            {
                "parent_interface": "-",
                "remote_port": "MgmtEth0/RP0/CPU0/0",
                "remote_chassis_id": "9C:E1:76:70:18:D9",
                "remote_port_description": "",
                "remote_system_name": "tor-29.wnpgmb01",
                "remote_system_description": "6.6.3, NCS-5500",
                "remote_system_capab": [
                    "router"
                ],
                "remote_system_enable_capab": [
                    "router"
                ]
            }
        ],
        "xe-0/2/0": [
            {
                "parent_interface": "ae0",
                "remote_port": "xe-0/0/21",
                "remote_chassis_id": "CC:E1:94:CA:7E:E0",
                "remote_port_description": "mtw29-winnipeg01  xe-0/2/0 Mgmt",
                "remote_system_name": "mtw0-0-winnipeg01",
                "remote_system_description": "Juniper Networks, Inc. qfx5100-48s-6q Ethernet Switch, kernel JUNOS 14.1X53-D42.3, Build date: 2017-02-14 20:10:57 UTC Copyright (c) 1996-2017 Juniper Networks, Inc.",
                "remote_system_capab": [
                    "bridge",
                    "router"
                ],
                "remote_system_enable_capab": [
                    "bridge",
                    "router"
                ]
            }
        ],
        "xe-0/2/1": [
            {
                "parent_interface": "ae0",
                "remote_port": "xe-1/0/21",
                "remote_chassis_id": "CC:E1:94:CA:7E:E0",
                "remote_port_description": "mtw29-winnipeg01  xe-0/2/1 Mgmt",
                "remote_system_name": "mtw0-0-winnipeg01",
                "remote_system_description": "Juniper Networks, Inc. qfx5100-48s-6q Ethernet Switch, kernel JUNOS 14.1X53-D42.3, Build date: 2017-02-14 20:10:57 UTC Copyright (c) 1996-2017 Juniper Networks, Inc.",
                "remote_system_capab": [
                    "bridge",
                    "router"
                ],
                "remote_system_enable_capab": [
                    "bridge",
                    "router"
                ]
            }
        ]
    }
}

But using the GUI in the Neighbors tabs, we get a :
{"detail":"Error connecting to the device at 10.65.41.30: ConnectAuthError(10.65.41.30)"}

After some debugging, we checked the ssh logs from the server we are trying to get Neighbors
Direct from netbox GUI:

RP/0/RP0/CPU0:Oct 19 20:12:46.388 EDT: SSHD_[68735]: %SECURITY-SSHD-3-ERR_GENERAL : User name in USERAUTH_REQUEST is null or blank

Using netbox as Napalm proxy (napalm CLI, working)

RP/0/RP0/CPU0:Oct 19 20:13:59.483 EDT: SSHD_[68821]: %SECURITY-SSHD-6-INFO_SUCCESS : Successfully authenticated user 'netbox' from '10.55.18.209' on 'vty1'(cipher 'aes128-ctr', mac 'hmac-sha2-256')

It seems that Napalm from the GUI is not using the X-NAPALM-USERNAME and password.

We tried to force define the username, password and timeout from the Platforms
we have created.

{"secret": "NAPALM_PASSWORD", "NAPALM_TIMEOUT": "60", "NAPALM_PASSWORD": "**********", "NAPALM_USERNAME": "*********"}

We are currently using 2.9.7-ldap as image, but we were on 2.8.9-ldap last week and it was impossible to make it work.

One of my colleague told me it was correctly working long time ago on 2.6.1-ldap last time we try this feature.

Originally created by @guillaume-harvey on GitHub (Oct 20, 2020). Using Napalm CLI from netbox container is working perfectly: ``` napalm --user ***** --password ********* --vendor junos 10.65.41.30 call get_lldp_neighbors_detail { "ge-0/0/47": [ { "parent_interface": "-", "remote_port": "MgmtEth0/RP0/CPU0/0", "remote_chassis_id": "9C:E1:76:70:18:D9", "remote_port_description": "", "remote_system_name": "tor-29.wnpgmb01", "remote_system_description": "6.6.3, NCS-5500", "remote_system_capab": [ "router" ], "remote_system_enable_capab": [ "router" ] } ], "xe-0/2/0": [ { "parent_interface": "ae0", "remote_port": "xe-0/0/21", "remote_chassis_id": "CC:E1:94:CA:7E:E0", "remote_port_description": "mtw29-winnipeg01 xe-0/2/0 Mgmt", "remote_system_name": "mtw0-0-winnipeg01", "remote_system_description": "Juniper Networks, Inc. qfx5100-48s-6q Ethernet Switch, kernel JUNOS 14.1X53-D42.3, Build date: 2017-02-14 20:10:57 UTC Copyright (c) 1996-2017 Juniper Networks, Inc.", "remote_system_capab": [ "bridge", "router" ], "remote_system_enable_capab": [ "bridge", "router" ] } ], "xe-0/2/1": [ { "parent_interface": "ae0", "remote_port": "xe-1/0/21", "remote_chassis_id": "CC:E1:94:CA:7E:E0", "remote_port_description": "mtw29-winnipeg01 xe-0/2/1 Mgmt", "remote_system_name": "mtw0-0-winnipeg01", "remote_system_description": "Juniper Networks, Inc. qfx5100-48s-6q Ethernet Switch, kernel JUNOS 14.1X53-D42.3, Build date: 2017-02-14 20:10:57 UTC Copyright (c) 1996-2017 Juniper Networks, Inc.", "remote_system_capab": [ "bridge", "router" ], "remote_system_enable_capab": [ "bridge", "router" ] } ] } ``` Even using the API it is still working ``` curl "https://netbox.<domain>/api/dcim/devices/2140/napalm/?method=get_lldp_neighbors_detail" -H "Authorization: Token 12e1bae111f6057b1bc9924baf118b5288ff91e3" -H "Content-Type: application/json" -H "Accept: application/json; indent=4" -H "X-NAPALM-Username: ******" -H "X-NAPALM-Password: ***********" -k { "get_lldp_neighbors_detail": { "ge-0/0/47": [ { "parent_interface": "-", "remote_port": "MgmtEth0/RP0/CPU0/0", "remote_chassis_id": "9C:E1:76:70:18:D9", "remote_port_description": "", "remote_system_name": "tor-29.wnpgmb01", "remote_system_description": "6.6.3, NCS-5500", "remote_system_capab": [ "router" ], "remote_system_enable_capab": [ "router" ] } ], "xe-0/2/0": [ { "parent_interface": "ae0", "remote_port": "xe-0/0/21", "remote_chassis_id": "CC:E1:94:CA:7E:E0", "remote_port_description": "mtw29-winnipeg01 xe-0/2/0 Mgmt", "remote_system_name": "mtw0-0-winnipeg01", "remote_system_description": "Juniper Networks, Inc. qfx5100-48s-6q Ethernet Switch, kernel JUNOS 14.1X53-D42.3, Build date: 2017-02-14 20:10:57 UTC Copyright (c) 1996-2017 Juniper Networks, Inc.", "remote_system_capab": [ "bridge", "router" ], "remote_system_enable_capab": [ "bridge", "router" ] } ], "xe-0/2/1": [ { "parent_interface": "ae0", "remote_port": "xe-1/0/21", "remote_chassis_id": "CC:E1:94:CA:7E:E0", "remote_port_description": "mtw29-winnipeg01 xe-0/2/1 Mgmt", "remote_system_name": "mtw0-0-winnipeg01", "remote_system_description": "Juniper Networks, Inc. qfx5100-48s-6q Ethernet Switch, kernel JUNOS 14.1X53-D42.3, Build date: 2017-02-14 20:10:57 UTC Copyright (c) 1996-2017 Juniper Networks, Inc.", "remote_system_capab": [ "bridge", "router" ], "remote_system_enable_capab": [ "bridge", "router" ] } ] } } ``` But using the GUI in the Neighbors tabs, we get a : `{"detail":"Error connecting to the device at 10.65.41.30: ConnectAuthError(10.65.41.30)"}` After some debugging, we checked the ssh logs from the server we are trying to get Neighbors Direct from netbox GUI: ``` RP/0/RP0/CPU0:Oct 19 20:12:46.388 EDT: SSHD_[68735]: %SECURITY-SSHD-3-ERR_GENERAL : User name in USERAUTH_REQUEST is null or blank ``` Using netbox as Napalm proxy (napalm CLI, working) ``` RP/0/RP0/CPU0:Oct 19 20:13:59.483 EDT: SSHD_[68821]: %SECURITY-SSHD-6-INFO_SUCCESS : Successfully authenticated user 'netbox' from '10.55.18.209' on 'vty1'(cipher 'aes128-ctr', mac 'hmac-sha2-256') ``` It seems that Napalm from the GUI is not using the X-NAPALM-USERNAME and password. We tried to force define the username, password and timeout from the Platforms we have created. ``` {"secret": "NAPALM_PASSWORD", "NAPALM_TIMEOUT": "60", "NAPALM_PASSWORD": "**********", "NAPALM_USERNAME": "*********"} ``` We are currently using 2.9.7-ldap as image, but we were on 2.8.9-ldap last week and it was impossible to make it work. One of my colleague told me it was correctly working long time ago on 2.6.1-ldap last time we try this feature.
adam added the status: revisions needed label 2025-12-29 18:33:50 +01:00
adam closed this issue 2025-12-29 18:33:50 +01:00
adam commented 2025-12-29 18:33:50 +01:00
Author
Owner
Copy Link

@DanSheps commented on GitHub (Oct 20, 2020):

This issue is pending closure as it does not conform to one of the provided templates as required by the contributing guide. If you'd like to request that your issue be re-opened, please first update the content so that it matches the appropriate template (this may require rewriting your issue entirely).

Further, we don't support container instances and the version you are using is vastly out of date.

@DanSheps commented on GitHub (Oct 20, 2020): This issue is pending closure as it does not conform to one of the [provided templates](https://github.com/netbox-community/netbox/issues/new/choose) as required by the [contributing guide](https://github.com/netbox-community/netbox/blob/master/CONTRIBUTING.md). If you'd like to request that your issue be re-opened, please first update the content so that it matches the appropriate template (this may require rewriting your issue entirely). Further, we don't support container instances and the version you are using is vastly out of date.
adam commented 2025-12-29 18:33:51 +01:00
Author
Owner
Copy Link

@guillaume-harvey commented on GitHub (Oct 20, 2020):

@DanSheps

First of, the version we are using right now as previously stated in my message was 2.9.7 which is the latest version. We also tried on 2.8.9, but this is not the version we are running right now. I only said that it was previously working with 2.6.1. Not that we are using this version anymore.

I am running the application in a container, but this is not a container related problem. It is an application problem as CLI, API are correctly working but it is not working using the GUI and navigating to LLDP Neighbors tab on a specific device.

I am opening a ticket matching the template provided

@guillaume-harvey commented on GitHub (Oct 20, 2020): @DanSheps First of, the version we are using right now as previously stated in my message was 2.9.7 which is the latest version. We also tried on 2.8.9, but this is not the version we are running right now. I only said that it was previously working with 2.6.1. Not that we are using this version anymore. I am running the application in a container, but this is not a container related problem. It is an application problem as CLI, API are correctly working but it is not working using the GUI and navigating to LLDP Neighbors tab on a specific device. I am opening a ticket matching the template provided
adam commented 2025-12-29 18:33:51 +01:00
Author
Owner
Copy Link

@DanSheps commented on GitHub (Oct 20, 2020):

I am opening a ticket matching the template provided

No, you are not using the provided templates

@DanSheps commented on GitHub (Oct 20, 2020): > I am opening a ticket matching the template provided No, you are not using the provided templates
adam commented 2025-12-29 18:33:51 +01:00
Author
Owner
Copy Link

@guillaume-harvey commented on GitHub (Oct 20, 2020):

I don't want to be rude, but can you read a simple message?

I didn't say "This ticket is matching the template provided", I said: "I am opening a ticket matching the template provided"

which means that I am currently working on this and will create a new request or update this one as soon as I am done...

@guillaume-harvey commented on GitHub (Oct 20, 2020): I don't want to be rude, but can you read a simple message? I didn't say "This ticket is matching the template provided", I said: "I am opening a ticket matching the template provided" which means that I am currently working on this and will create a new request or update this one as soon as I am done...
adam commented 2025-12-29 18:33:51 +01:00
Author
Owner
Copy Link

@guillaume-harvey commented on GitHub (Oct 20, 2020):

You can close this issues, new one is here: https://github.com/netbox-community/netbox/issues/5257

@guillaume-harvey commented on GitHub (Oct 20, 2020): You can close this issues, new one is here: https://github.com/netbox-community/netbox/issues/5257
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
beta
breaking change
complexity: high
complexity: low
complexity: medium
needs milestone
netbox
pending closure
plugin candidate
pull-request
Mirrored from GitHub Pull Request
 severity: high
severity: low
severity: medium
status: accepted
status: backlog
status: blocked
status: duplicate
status: needs owner
status: needs triage
status: revisions needed
status: under review
topic: GraphQL
topic: Internationalization
topic: OpenAPI
topic: UI/UX
topic: cabling
topic: event rules
topic: htmx navigation
topic: industrialization
topic: migrations
topic: plugins
topic: scripts
topic: templating
topic: testing
type: bug
type: deprecation
type: documentation
type: feature
type: housekeeping
type: translation
No Label status: revisions needed
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
adam
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/netbox#4202
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?