I remember once seeing an IOS command that, given a mac address, would trace that address through the network to its end point. For example; a PC is connected to port 8 of a 2950 switch. The 2950 uplinks to a 3550 which, in turn, uplinks to a core 6509. From the 6509 i can issue a command which shows me all intermediary devices and shows me the end switch and which port the target device connects to. Does anyone know the syntax for this command?
In article , dexx wrote: :I remember once seeing an IOS command that, given a mac address, would :trace that address through the network to its end point. For example; a :PC is connected to port 8 of a 2950 switch. The 2950 uplinks to a 3550 :which, in turn, uplinks to a core 6509. From the 6509 i can issue a :command which shows me all intermediary devices and shows me the end :switch and which port the target device connects to. Does anyone know :the syntax for this command?
If it can be done at all, it would be via cdp .
In general, it can't be done with much degree of certainty. And 75% of the time, when you go to look for the information, it isn't there anymore.
You are probably thinking of L2trace. But there are severe limitations. We have asked Cisco for such a tool though. They have it for multicasts (mapping out the MC tree) so it would be pretty easy to convert it to unicast traffic.
In the tool, I wanted to see L3 *and* L2 port information, associated error counters, and it *had* to account for redundant paths since every link on our network is redundant. Getting cef exact-route info was considered gravy.
It can be done but the usual output is something like this:
sw2#traceroute mac 0011.43a4.dd3a 0020.6b51.2455 Source 0011.43a4.dd3a found on sw1
1 sw1 (2.2.2.2) : Fa0/11 => Fa0/24 2 sw2 (2.2.2.3) : Fa0/23 => Gi0/1 l2trace error response received : 7 from 2.2.2.4 Unable to locate port for src 0011.43a4.dd3a on sw3 [2.2.2.4]. Layer2 trace aborted.
I don't know about the 6500 series, as I don't have access to one at the moment, but on 3750s and 2950s, use trace mac:
3750g.core#trace mac 0004.23a8.e67c 0800.46cf.1b27 vlan 70 Source 0004.23a8.e67c found on 3750g.core 1 3750g.core (10.8.5.1) : Gi2/0/24 => Gi2/0/10 2 2950t-1.a (10.8.5.58) : Fa0/1 => Fa0/22 3 2950t-1.d (10.8.5.63) : Gi0/2 => Gi0/1 4 2950t-2.d (10.8.5.64) : Gi0/2 => Fa0/14 Destination 0800.46cf.1b27 found on 2950t-2.dWith the lack of such a command I've made a PERL script to do this job, input in the script is:
- MAC address
- VLAN number
- List of IP numbers of Cisco switches w/ uplinks (these ports should not be tested) in a textfile, such as:
192.168.1.1 Gi1/1 Gi1/3 192.168.1.2 Gi1/2 Gi1/3 192.168.1.5 1/2 1/3IOS and CatOS switches use different portnames, Gi3/1 (4506) and 1/1 (6509).
The script is based on SNMP read-only and searches the mac-address-table for the specific MAC/VLAN. Some conversions have to be made (hex MAC to decimal notation). The script also provides a conversion for ifindex to readable (Gi1/1 or 6/5) portnumbers. Works like a charm for me.
Also problems like duplicate MAC can be found easily, the script searches all given switches for the MAC/VLAN. Only caveat of the script is the .txt file which must be kept uptodate with the actual topology.
I'm using the script with Activestate PERL v5.6.1 build 635, MS C++ 6.0 (nmake) and NET-SNMP 4.1.2 library on a W2k station.
Arjen
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.