Your network grinds to a screeching halt. All the
switch port lights are solid, and your only theory is that the network is under
attack. What do you do?
Question: “I have 3 cisco switches, each 48 ports. How
do u know, in which switch, in which port, my pc is connected. i just know my
pc IP address. i can access my switch.”
The first step is to fire up your network
protocol analyzer and capture data off of the core switch. From your protocol
analyzer, you see that an IP address is flooding the network with
unidentifiable traffic. From the packet, you get the MAC address. Now you need
to find the location of the PC.
You know that the PC must be connected to
any one of a few hundred Ethernet patch panel ports in the network room; those
switch ports go to ports on the Ethernet switch. If you could tell which MAC
address is on which switch port, you could identify the PC and either shut down
the switch port or go to the office where the PC is and shut it down.
Here are various solutions that may help
you determine which device is connected to which port on your Cisco
switch.
An Appliance Solution
At Interop 2007, I spotted an interesting
solution from port tracker. The U. K.-based company offers a dedicated
appliance called port tracker that maps your network for you. This solution
tries to solve three issues: (1) ports going unused (port tracker refers to
this as port wastage); (2) reduce downtime and know “what is connected where”;
(3) identify at-risk ports.
Software Applications
There are a vast number of software
applications out there to help you in this situation. Here are a few that I
think are worth checking out.
- Northwest Performance Software’s Managed Switch Port Mapping Tool uses SNMP to communicate with switches and to find out what is attached where. It works with different brands of switches; it shows VLAN assignments; and it exports to a spreadsheet. The standalone price for the tool is $199, and there is 15-day free trial.
- Manage Engine offers the Switch Port Mapper Tool, which handles multiple brands of switches and imports cable port mappings. See the Manage Engine site for detailed pricing information.
- Netxar Technologies’ Switch Inspector maps switch ports. The cost is $99, and there is a 15-day trial download.
- SolarWinds’ LANsurveyor automatically discovers and diagrams your network and what is connected where. It does more than the other packages, which is why it has a price tag of $1,995.
- Solar Winds’ Switch port Mapper is similar to LAN surveyor, and it’s part of Solar Winds’ Engineer’s Toolset. The suite runs about $1,400, and the company offers a 30-day evaluation.
Note: My
search didn’t turn up any free open-source products. If you know of any open
source products that map switch ports, please post your recommendations in the
article discussion.
The Cisco IOS CLI Command
The easiest way to see which Ethernet MAC
address is on which port is to use the show mac-address-table command.
Here is an example:
switch# show mac-address-table
Mac Address Table
-------------------------------------------
Vlan Mac
Address
Type Ports
----
----------- --------
-----
1 0007.e9e2.2d7d
DYNAMIC Fa0/5
1 0009.0f30.07e9
DYNAMIC Fa0/48
1 0009.5bbc.af04
DYNAMIC Fa0/28
1
00e0.bb2c.30d1 DYNAMIC Gi0/1
1 00e0.bb2c.3e5f
DYNAMIC Gi0/1
Total Mac Addresses for this
criterion: 5
Switch#
(The MAC address table is truncated for
brevity.)
With the command, you can figure out which
MAC address is on which port. When you use the command, you have to go to each
switch and run the command. If the network is down, you will have to go to the
console of each switch. If you had one of the applications above, you should
have been able to map out which MAC address (and even which PC name) is on
every switch in the network.
If the scenario I describe at the beginning
of the article does happen, you could reference your spreadsheet or printout of
which device is connected where.
When your network is in crisis, it’s
important to know which device is connected to which switch port without having
to run to the network room, hook up a console cable, and/or trace cables from
switches to wall ports. By having network analysis applications and switch port
mapping tools available ahead of time, you may be able to resolve the problem
on your network before it actually becomes a crisis.
Note: Full Reading of What Device is on What Port on a Cisco Switch?
More Cisco Switch and Cisco Network Info
and Tips
No comments:
Post a Comment