2

I have servers and storage arrays in a composite lab and intermediate switches. I want to get a list of all the MAC addresses of the systems connected to each switch. It should be switch vendor independent like no CDP and all. And also independent of IP! any suggestions?

Tirtha Pratim Bhattacharjee
  • 21
  • 1
  • 1
    Sounds like an exam question. You haven't mentioned arp, have you tried using that? – john Jul 09 '13 at 19:19
  • If these are managed switches you should be able to get the information directly from the MAC address table of each switch. An ARP scan would get you the MAC addresses but it wouldn't tell you which hosts are connected to which switch. – joeqwerty Jul 09 '13 at 19:20
  • 1
    Would something like snmp be acceptable? You could walk the mac_address_table OID? or if they are all L2 adjacent. broadcast ping and show all the arps ? – Doon Jul 09 '13 at 19:20
  • 1
    Can you get all of the MAC addresses of every currently running host on your network? Yes you can. Can you map those MAC addresses to the switch ports they're connected to without accessing the MAC address table of each switch? No you can't. – joeqwerty Jul 09 '13 at 19:30
  • @john first of all it's not an exam question, please read carefully before commenting.. – Tirtha Pratim Bhattacharjee Jul 09 '13 at 21:45
  • @joeqwerty yes arp doesn't help because switch and host physical connection is not clear. so ultimately it boils down that i have to access the switch MAC address table to determine the connections. is CLI the only option in here? – Tirtha Pratim Bhattacharjee Jul 09 '13 at 21:46
  • Is CLI the only option? That depends on the switch. Most managed switches have a web-based management interface that you can use to view the MAC address table. – joeqwerty Jul 09 '13 at 22:08

2 Answers2

3

There is no standard protocol for determining layer 2 topology in a vendor-neutral way. ARP is used to map between layer 3 addresses (IPs) and layer 2 addresses (MACs) in the same broadcast domain, but cannot query the MAC of everything connected to the network. Switches may expose this data via SNMP, but are not required to. It is possible to watch traffic on the segment for MAC addresses, but it is not a requirement that all of them appear on your segment for them to exist within the layer 2 broadcast domain.

You could ping the subnet broadcast address and check your ARP table (which after they all reply will contain an entry for every host that replied), but keep in mind that not all hosts will reply to things like pings to the subnet broadcast. This will also not give you which switch nodes are connected to, but this is because switches are supposed to be transparent, and ethernet doesn't carry or need this kind of metadata.

Most managed switches will provide some means to view their MAC table, which will typically contain port information, either via SNMP (more rare) or their CLI (common).

Falcon Momot
  • 25,244
  • 15
  • 63
  • 92
2

Netdisco might get you close - uses mainly SNMP to get mac and arp information from the switches and lets you put the MAC with the IP and combine it with hostname lookups to give you something that usually is able to match the hostname to the MAC and what switch they are connected to. It can use vendor specific protocols if the switches support it as well to discover topology of connected swithes.

I've used it with varying degrees of success as sometimes the data can become stale and refuse to update.

Rex
  • 7,895
  • 3
  • 29
  • 45
  • nice suggestion but i don't need a fancy tool to maintain Db and generate fancy topography. i needed protocol not tool.. – Tirtha Pratim Bhattacharjee Jul 09 '13 at 21:43
  • A screw does nothing for you unless you have a screwdriver. In the same way a protocol does nothing for you without a tool. Regardless of what protocol you use (BTW, SNMP is the protocol that would let you get the information), you still need a tool to use the protocol to get the information you want. – Rex Jul 09 '13 at 22:15
  • yes definitely but netdisco looks like an installation heavy experience. just don't need that way. thanks anyways.. – Tirtha Pratim Bhattacharjee Jul 10 '13 at 17:01