Netmagis: Specifications

Netmagis is an application designed to ease network administration. It provides data management for DNS and DHCP servers and a model of the network as a graph, which allows automatic generation of maps of the network topology (at the routing and switching levels) and the visualization of metrology information.

It is also a web application, which makes the information easy to access.

Features for users

For the user, Netmagis offers the following functions:

  • add, modify and delete a host (A record for IPv4 addresses or AAAA for IPv6 addresses);
  • associate information with each host:
    • one or more IPv4 and IPv6 addresses,
    • optional MAC address (which allows a static DHCP allocation to be defined),
    • DHCP profile (which allows DHCP options to be defined, such as a network boot or a terminal),
    • host type, chosen from a list defined by the administrator (e.g. PC, printer, etc.),
    • any comment,
    • name and email address of the person in charge of a host;
  • support for multiple DNS views (also called split DNS): the same name can be associated with different IP addresses according to the appropriate DNS view;
  • add, modify and delete address intervals for a dynamic DHCP server;
  • display a list or a map of all hosts in a network;
  • add, modify and delete aliases (CNAME DNS records);
  • add, modify and delete "mail roles" which define MX records;
  • look up the people in charge of a host;
  • display the level 2 (switching) and level 3 (routing) maps of the network, if the user is allowed to consult them;
  • modify switch interfaces to set the desired VLAN (including the ToIP VLAN if it exists);
  • consult metrology information for the network equipment, if the user is allowed to see it.

Features for administrators

For the administrator, Netmagis offers the following functions:

  • manage access rights of user groups: allowed networks and allowed IP addresses, authorized DNS domains, authorized DNS views, accessible DHCP profiles and network equipment;
  • manage networks, DNS domains, zones, views, network administrators and groups, user communities, DHCP profiles, etc.;
  • define mail relays for domains;
  • define a zone "prologue", including the SOA record in which the serial number will be generated for each zone modification;
  • search for a MAC address and for a network equipment interface given an IP address;
  • statistics (by organization, by network, etc.).

In addition, for mass modification or to automate some operations, Netmagis provides command-line scripts to add hosts, modify information pertaining to a host, etc.

Netmagis can rely on your LDAP directory and, optionally, on your CAS server for authentication. If you have no LDAP directory or CAS server, Netmagis can manage users directly in a PostgreSQL database.

Main characteristics

The following objects are managed by Netmagis:

  • Hosts: name (FQDN), associated view, IPv4/IPv6 address(es), type, MAC address (optional), comment, person or group in charge. In addition, depending on configuration: TTL, allowed to use unauthenticated SMTP
  • Aliases: names (FQDN) of the alias and of the referenced host
  • Mail relay: names (FQDN) of the MX and of the host which receives the messages
  • Networks: name, geographical location, IPv4 and/or IPv6 address, default gateway, DHCP service activation, organization, community, comment
  • Domain: domain name
  • Views: view name (no limit on number of managed views)
  • Zones: name, records to put in the prologue, selection criteria (domain or IP address range), associated view
  • DHCP profiles: name, lines to insert into the dhcpd.conf configuration file for ISC DHCPD
  • Dynamic DHCP interval: IPv4 address interval, domain name, DHCP profile, default and maximum lease times
  • VLANs: VLAN, VLAN Id and «ToIP» capability
  • Equipment: name, type, and status (active or not)
  • Network administrator groups: logins of group members in the authentication database (LDAP or PostgreSQL), access rights
  • Group rights: database administrator right, network rights, IP address rights, domain name rights, accessible DHCP profiles, host TTL modification rights, unauthenticated SMTP rights, network equipment read access rights, network equipment modification access rights

Authentication and user account management

Authentication is managed by Netmagis. Account management is done:

  • either with an existing LDAP or PostgreSQL infrastructure: in that case, you manage user accounts with your own tools, and Netmagis fetches information about the users using their login;
  • or with a dedicated PostgreSQL database: in that case, you use the user management built into Netmagis.

Authentication can also use a CAS server with an LDAP directory.

Hardware prerequisite

Netmagis is a lightweight application and doesn't need a lot of computing power.

Moreover, if you wish (it is in no way obligatory), you can install each component on a distinct server:

  • Web server
  • Data server (PostgreSQL)
  • Authentication server (LDAP, CAS+LDAP or PostgreSQL)
  • DNS server
  • DHCP server (if necessary)
  • Mail relay server (if necessary)
  • Network equipment management server (if necessary)
  • Metrology server (if necessary)

Of course, one computer could host one or several services listed above. You should decide according to your own constraints regarding your current network architecture and the security level required.

Software prerequisite

Netmagis needs the following software:

| Type | Software | Minimum version | Mandatory | Comment |
|---|---|---|---|---|
| Web server | Apache | >= 2.4 | Mandatory | Any web server compatible with the CGI interface will do |
| RDBMS | PostgreSQL | >= 9.1 | Mandatory | PostgreSQL is mandatory in order to use network address datatypes, stored procedures, triggers and transactions |
| Language | Tcl | >= 8.5 | Mandatory | Programming language used |
| Library | Tcllib | >= 1.15 | Mandatory | Tcllib contains essential functions like LDAP directory access or OO extensions |
| Encryption | OpenSSL | any | Mandatory | OpenSSL can encrypt strings (a password, for example) on the command line |
| Password generation | pwgen | >= 1.5 | Mandatory | Generates a password when creating a user account |
| PDF generation | LaTeX | | Optional | pdflatex is used to generate the PDF files when printing lists. We recommend either the teTeX distribution or the TeX-Live distribution. |
| Network equipment management | Rancid | | Optional | Rancid is used both to collect network equipment configurations and to send modifications to equipment (to set the VLAN on an interface) |
| Language | Perl | 5.x | Optional | Used for the optional metrology module |
| Metrology database | RRDTools | | Optional | Used for the optional metrology module |

NB: the required Perl modules are not documented yet.