1. Home
  2. Cisco Systems
  3. Determining an IP address' port on a Catalyst 4006?

Determining an IP address' port on a Catalyst 4006?

I'm not quite sure how to phrase this question, but I'll give it a try anyhow. I inherited a pair of Catalyst 4006s, both running CatOS

8.1(2). There are about 200 active ports in each chassis, with very little documentation as to what is plugged in to where. I've done the best I can using things like "sh cam dyn" and tools like nmap in terms of matching MAC addresses to devices on the network, but there are a few devices I'm struggling with.

What would *really* help me is if there was a way for CatOS to "sniff" the destination IP address of a certain port. For example, I don't know what port 2/2 is:

CAT4000-1> (enable) sh cam dyn 2/2

  • = Static Entry. + = Permanent Entry. # = System Entry. R = Router Entry. X = Port Security Entry $ = Dot1x Security Entry

VLAN Dest MAC/Route Des [CoS] Destination Ports or VCs / [Protocol Type]

---- ------------------ -----

-------------------------------------------

1 00-0f-20-32-11-80 2/2 [ALL]

and I can't seem to find that MAC address anywhere in the network. Is there any way that CatOS can pull the destination IP address of data headed to that MAC, which may give me the IP address of whatever device is connected to port 2/2?

Thanks,

Chris

Reply to
Chris
Loading thread data ...

If I recall correctly, you can use CatOS to mirror the traffic from 2/2 over to another port (that you would have a sniffer listening on.)

Reply to
Walter Roberson

If you have a PC or router on the same VLAN you can use any scanner to ping (say) all ip addresses on the VLAN.

you then look at your APR cache.

Windows arp -a.

Reply to
Bod43

Is

To see where a MAC is use the following

show cam dynamic | include /

To forward the traffic of a VLAN or port to a specific port use SPAN

switch-4006> (enable) set span ? disable Disable port monitoring Source module and port numbers Source VLAN numbers switch-4006> (enable) set span 1 ? Destination module and port numbers switch-4006> (enable) set span 1 3/34 ? both Both receiving and transmitting traffic create Creating new SPAN session filter Monitor traffic on selected vlans inpkts Enable/disable destination port incoming packets learning Enable/disable MAC address learning rx Receiving traffic tx Transmitting traffic switch-4006> (enable) set span 1 3/34

HTH Alex.

Reply to
AM

You just need the IP address of the device that's on port 2/2? Is there a router that's routing traffic for the subnet that the host is in? If so (and if you have access to the router) all you need to do is go to the router and look at the arp table. On the router you would want to use the following command:

sh ip arp | incl 000f.2032.1180

Notice that the format of the MAC address is slightly different between CatOS and IOS.

[example] router#sh ip arp | incl 0017.c2a9.2a49 Internet 192.168.49.107 102 0017.c2a9.2a49 ARPA FastEthernet0/0.49

If you don't have access to the router, can you put a laptop on another switch port (in the same vlan) and ping all the IP addresses in that subnet? Then look at the arp table on the laptop and see if you find your MAC address. Hope this helps.

-Dan

Reply to
dtpike

Reply to
moizs

Rgds Moiz

Reply to
moizs

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.