650x + multiple VLANs + l2trace on non-mgmt VLAN

Discussion in 'Cisco' started by papi, May 15, 2005.

  1. papi

    papi Guest

    I give up :( I have a 6506, running hybrid, with switching and inter-VLAN
    routing enabled, and multiple VLANs defined. I cannot figure out how to
    run l2trace for systems belonging to other VLANs than the management one
    (in an attempt to identify the port where a specific IP-addressed system
    is, which is not in the management VLAN).

    I assume (?!?) that is because I am remotely logged into the management
    VLAN and thus any attempts to identify the MAC of another VLAN system
    are failing: e.g.

    my_switch> l2trace 172.30.0.1 172.30.0.5
    Cannot find the corresponding MAC address for the source IP address
    172.30.0.1. l2trace aborted.

    -- where the mgmt VLAN interface I am logged in "through" is on
    172.20.0.1

    but the question is: how do I get access to those other VLANs, to be able
    to l2trace IPs or MACs?!? I guess the question could be further
    expanded (excluding the l2trace mechanism): how do I find out the
    ports where systems with a specific IP are plugged in, if those systems
    belong to another VLAN than the management (and obviously I do NOT know
    their MACs!!!)?!? Any ideas?!?

    NOTE: I need - further - to span that port to another system which I just
    placed in the same VLAN, for debugging purposes (but I think that part
    would be easier?!?).


    TIA,
    papi
    papi, May 15, 2005
    #1

  2. In article <4287580c$0$28853$>,
    papi <> wrote:
    :I give up :( I have a 6506, running hybrid, with switching and inter-VLAN
    :routing enabled, and multiple VLANs defined. I cannot figure out how to
    :run l2trace for systems belonging to other VLANs than the management one

    I do not know anything about l2trace, but if it uses SNMP, then
    you need to use SNMP "community indexing" or "snmp contexts"

    ftp://ftp.cisco.com/pub/mibs/supportlists/wsc6509/wsc6509-communityIndexing.html
    --
    I was very young in those days, but I was also rather dim.
    -- Christopher Priest
    Walter Roberson, May 15, 2005
    #2

  3. papi

    papi Guest

    On Sun, 15 May 2005 17:02:58 +0000, Walter Roberson wrote:

    > In article <4287580c$0$28853$>,
    > papi <> wrote:
    > :I give up :( I have a 6506, running hybrid, with switching and inter-VLAN
    > :routing enabled, and multiple VLANs defined. I cannot figure out how to
    > :run l2trace for systems belonging to other VLANs than the management one
    >
    > I do not know anything about l2trace, but if it uses SNMP, then
    > you need to use SNMP "community indexing" or "snmp contexts"
    >
    > ftp://ftp.cisco.com/pub/mibs/supportlists/wsc6509/wsc6509-communityIndexing.html


    Thank you for your answer - I am not sure what would be the syntax for
    snmpwalk, though, in such a case:

    $ sudo snmpwalk -v 1 -c public@vlan-<whatever> <IP-of-switch>

    does not seem to work (with public@<> with or without quotes)?!?

    NOTE: Your response gave me an idea, though, so I snmpwalked the switch,
    looking for the IP, i.e.:

    $ sudo snmpwalk -v 1 -c public <my_switch_IP> |grep <"the"-IP>

    thus obtaining the MAC, then telnet-ed into the switch and ran across
    the dynamic cam table, i.e.:

    my_switch>show cam dynamic <my_vlan> | include <MAC-address>

    and got the answer ... Hmmm - but I would love to automate this, somehow,
    so the proper syntax to what you were suggesting may be the only "clean"
    way.

    Thx again,
    papi
    papi, May 15, 2005
    #3
  4. On 15.05.2005 16:15 papi wrote

    > I give up :( I have a 6506, running hybrid, with switching and inter-VLAN
    > routing enabled, and multiple VLANs defined. I cannot figure out how to
    > run l2trace for systems belonging to other VLANs than the management one
    > (in an attempt to identify the port where a specific IP-addressed system
    > is, which is not in the management VLAN).
    >
    > I assume (?!?) that is because I am remotely logged into the management
    > VLAN and thus any attempts to identify the MAC of another VLAN system
    > are failing: e.g.
    >
    > my_switch> l2trace 172.30.0.1 172.30.0.5
    > Cannot find the corresponding MAC address for the source IP address
    > 172.30.0.1. l2trace aborted.
    >
    > -- where the mgmt VLAN interface I am logged in "through" is on
    > 172.20.0.1
    >
    > but the question is: how do I get access to those other VLANs, to be able
    > to l2trace IPs or MACs?!? I guess the question could be further
    > expanded (excluding the l2trace mechanism): how do I find out the
    > ports where systems with a specific IP are plugged in, if those systems
    > belong to another VLAN than the management (and obviously I do NOT know
    > their MACs!!!)?!? Any ideas?!?
    >


    Hello,

    l2trace will only be successful for those MAC addresses which are in
    your CAM table. So try to l2trace between two MAC addresses first. afaik
    l2trace also uses CDP.




    Arnold
    --
    Arnold Nipper, AN45
    Arnold Nipper, May 15, 2005
    #4
  5. papi

    papi Guest

    On Sun, 15 May 2005 20:21:32 +0200, Arnold Nipper wrote:

    > On 15.05.2005 16:15 papi wrote
    >
    >> I give up :( I have a 6506, running hybrid, with switching and inter-VLAN
    >> routing enabled, and multiple VLANs defined. I cannot figure out how to
    >> run l2trace for systems belonging to other VLANs than the management one
    >> (in an attempt to identify the port where a specific IP-addressed system
    >> is, which is not in the management VLAN).
    >>
    >> I assume (?!?) that is because I am remotely logged into the management
    >> VLAN and thus any attempts to identify the MAC of another VLAN system
    >> are failing: e.g.
    >>
    >> my_switch> l2trace 172.30.0.1 172.30.0.5
    >> Cannot find the corresponding MAC address for the source IP address
    >> 172.30.0.1. l2trace aborted.
    >>
    >> -- where the mgmt VLAN interface I am logged in "through" is on
    >> 172.20.0.1
    >>
    >> but the question is: how do I get access to those other VLANs, to be able
    >> to l2trace IPs or MACs?!? I guess the question could be further
    >> expanded (excluding the l2trace mechanism): how do I find out the
    >> ports where systems with a specific IP are plugged in, if those systems
    >> belong to another VLAN than the management (and obviously I do NOT know
    >> their MACs!!!)?!? Any ideas?!?
    >>

    >
    > Hello,
    >
    > l2trace will only be successful for those MAC addresses which are in
    > your CAM table. So try to l2trace between two MAC addresses first. afaik
    > l2trace also uses CDP.
    >
    > Arnold


    Thanks :)

    See my other follow-up, regarding snmpwalk-ing the whole deal. I think
    that there is an issue with where from you're trying to l2trace (different
    VLAN may not show what's needed, while a combination of snmpwalk and cam
    table lookup may provide the answer).

    On the other observation - I had great hopes about a tool with CDP
    capabilities, for obvious reasons (not having to manually traverse
    switches, when a specific MAC is found across a trunk interface) ... but
    that is another deal, altogether.

    papi
    papi, May 15, 2005
    #5
  6. dmcollin

    Guest

    PAPI,

    STEP 1: ping the destination IP so your router knows about it and you
    know it's live
    STEP 2: (Using Net-SNMP) 'snmpwalk -c <COMMSTRING> <router IP address>
    ipNetToPhysAddress'
    - this will return all the MAC-to-IP resolutions your router knows
    of
    STEP 3: On the switch, 'show cam dyn <MAC of target IP>'
    - this will show you the port (or trunk) the MAC has been learned
    through

    That simple. True, if you have multiple switches and it is not
    practical to issue the 'show cam ...' command on each of them, then you
    can do as someone else in this thread suggested and use Cisco's SNMP
    community indexing. But there is a lot more to it than that. You would
    have to:
    1) retrieve all MACs from all VLANs on each switch - dot1dTpFdbAddress
    retrieves them in HEX to Decimal table form.
    2)get the decimal MAC to "Bridge Port Identifier" translation. This is
    an arbitrary # assigned to each decimal MAC - dot1dTpFdbPort.
    3) get the "basePortIfIndex" to ifIndex translation. This translates
    the arbitrary (or dynamic, if you prefer) # assigned to each MAC in a
    VLAN to the arbitrarily (dynamically) assigned # to each port in the
    switch - dot1dBasePortIfIndex
    4) From here, you get the ifIndex to switch port name translation via
    portName or locIfDescr (depending on how old your equipment is).

    .... and there you go. If you are going to go this far into it, then it
    also might help to weed out your trunk ports somewhere in the steps
    below (cause the machine you are searching for would never be attached
    to a trunk port, of course).

    .... and, once you get this far and you have the ifIndex to port name
    mappings, then you can get a whole flood of info; any table that is
    associated with ifIndex will now be easily understood, retrievable,
    etc.

    Give me a good NMS job and I will write you a million dollar app!
    Dan

    papi wrote:
    > On Sun, 15 May 2005 20:21:32 +0200, Arnold Nipper wrote:
    >
    > > On 15.05.2005 16:15 papi wrote
    > >
    > >> I give up :( I have a 6506, running hybrid, with switching and inter-VLAN
    > >> routing enabled, and multiple VLANs defined. I cannot figure out how to
    > >> run l2trace for systems belonging to other VLANs than the management one
    > >> (in an attempt to identify the port where a specific IP-addressed system
    > >> is, which is not in the management VLAN).
    > >>
    > >> I assume (?!?) that is because I am remotely logged into the management
    > >> VLAN and thus any attempts to identify the MAC of another VLAN system
    > >> are failing: e.g.
    > >>
    > >> my_switch> l2trace 172.30.0.1 172.30.0.5
    > >> Cannot find the corresponding MAC address for the source IP address
    > >> 172.30.0.1. l2trace aborted.
    > >>
    > >> -- where the mgmt VLAN interface I am logged in "through" is on
    > >> 172.20.0.1
    > >>
    > >> but the question is: how do I get access to those other VLANs, to be able
    > >> to l2trace IPs or MACs?!? I guess the question could be further
    > >> expanded (excluding the l2trace mechanism): how do I find out the
    > >> ports where systems with a specific IP are plugged in, if those systems
    > >> belong to another VLAN than the management (and obviously I do NOT know
    > >> their MACs!!!)?!? Any ideas?!?
    > >>
    > >
    > > Hello,
    > >
    > > l2trace will only be successful for those MAC addresses which are in
    > > your CAM table. So try to l2trace between two MAC addresses first. afaik
    > > l2trace also uses CDP.
    > >
    > > Arnold
    >
    > Thanks :)
    >
    > See my other follow-up, regarding snmpwalk-ing the whole deal. I think
    > that there is an issue with where from you're trying to l2trace (different
    > VLAN may not show what's needed, while a combination of snmpwalk and cam
    > table lookup may provide the answer).
    >
    > On the other observation - I had great hopes about a tool with CDP
    > capabilities, for obvious reasons (not having to manually traverse
    > switches, when a specific MAC is found across a trunk interface) ... but
    > that is another deal, altogether.
    >
    > papi
    dmcollin, May 15, 2005
    #6
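    The two SNMP approaches raised in this thread (the per-VLAN community
    indexing from Walter's reply and the snmpwalk-then-cam-lookup chain that
    papi tried by hand, which Dan's steps above spell out as an ARP walk
    followed by BRIDGE-MIB lookups) fit together into one script. The
    following is an added example written for this page; it is not code from
    any of the posters. It parses snmpwalk output offline, so the walk text it
    works on is constructed sample data in net-snmp's
    "MIB::object.index = TYPE: value" layout. Assumptions not in the thread:
    the community-indexed string is the numeric VLAN id after the "@"
    (public@30, rather than the public@vlan-30 form tried earlier); ifName is
    used for the port-name step where Dan names portName or locIfDescr; and
    the set of trunk ifIndexes that Dan says to weed out is taken as a given
    input (it would come from a separate walk, not shown).

```python
"""IP -> MAC -> switch port via SNMP tables (added example, not from the thread).

Chain: router ARP cache (IP-MIB ipNetToMediaPhysAddress, indexed ifIndex.ip;
the router's ifDescr names the VLAN), then that VLAN's BRIDGE-MIB forwarding
table read with Cisco community-string indexing ("public@30"), then
dot1dBasePortIfIndex and ifName.  All walk text below is constructed sample
output in net-snmp's "MIB::object.index = TYPE: value" format."""
import re

WALK_LINE = re.compile(r"^[\w-]+::(\w+)\.(\S+) = (?:\w+: )?(.*)$")


def parse_walk(text):
    """snmpwalk output -> {object: {index: value}}; unparseable lines are skipped."""
    tables = {}
    for line in text.strip().splitlines():
        m = WALK_LINE.match(line.strip())
        if m:
            obj, index, value = m.groups()
            tables.setdefault(obj, {})[index] = value.strip('"')
    return tables


def normalize_mac(mac):
    """'0:d:60:aa:bb:cc' -> '00:0d:60:aa:bb:cc' (net-snmp drops leading zeros)."""
    return ":".join(f"{int(o, 16):02x}" for o in mac.split(":"))


def mac_from_decimal_index(index):
    """dot1dTpFdb* rows are indexed by the MAC as six decimal octets."""
    return ":".join(f"{int(o):02x}" for o in index.split("."))


def vlan_community(community, vlan):
    """Cisco community-string indexing: '<community>@<vlan-id>' selects that
    VLAN's BRIDGE-MIB instance on CatOS, e.g. public@30 (not public@vlan-30)."""
    return f"{community}@{vlan}"


def ip_to_mac(router, ip):
    """(mac, vlan) for ip from the router's ARP cache, or None if not cached."""
    for index, mac in router.get("ipNetToMediaPhysAddress", {}).items():
        if_index, _, entry_ip = index.partition(".")
        if entry_ip == ip:
            m = re.fullmatch(r"Vlan(\d+)", router.get("ifDescr", {}).get(if_index, ""))
            return normalize_mac(mac), (int(m.group(1)) if m else None)
    return None


def mac_to_port(bridge, ifs, mac, trunk_ifindexes=frozenset()):
    """Port name the MAC was learned on in this VLAN's FDB; None if unknown or
    if it was learned over a trunk (the host is then behind another switch)."""
    for index in bridge.get("dot1dTpFdbAddress", {}):
        if mac_from_decimal_index(index) == mac:
            bridge_port = bridge["dot1dTpFdbPort"][index]
            if_index = bridge["dot1dBasePortIfIndex"][bridge_port]
            if if_index in trunk_ifindexes:
                return None
            return ifs.get("ifName", {}).get(if_index, f"ifIndex {if_index}")
    return None


def locate(ip, router_walk, vlan_walks, switch_if_walk, trunk_ifindexes=frozenset(),
           community="public"):
    """Run the whole chain. vlan_walks maps the indexed community string
    (e.g. 'public@30') to that VLAN's BRIDGE-MIB walk output."""
    hit = ip_to_mac(parse_walk(router_walk), ip)
    if hit is None:
        return None
    mac, vlan = hit
    walk = vlan_walks.get(vlan_community(community, vlan), "")
    port = mac_to_port(parse_walk(walk), parse_walk(switch_if_walk), mac, trunk_ifindexes)
    return mac, vlan, port


# Constructed sample walks: an MSFC with Vlan20 (mgmt) and Vlan30, and the
# VLAN 30 forwarding table of the switch.  ifIndex 3 is a trunk (assumed to
# come from a CISCO-VTP-MIB vlanTrunkPortDynamicStatus walk, not shown).
ROUTER_WALK = """
IF-MIB::ifDescr.5 = STRING: Vlan20
IF-MIB::ifDescr.6 = STRING: Vlan30
IP-MIB::ipNetToMediaPhysAddress.5.172.20.0.7 = STRING: 0:1:2:3:4:5
IP-MIB::ipNetToMediaPhysAddress.6.172.30.0.5 = STRING: 0:d:60:aa:bb:cc
IP-MIB::ipNetToMediaPhysAddress.6.172.30.0.6 = STRING: 0:5:0:1:2:3
"""
VLAN30_WALK = """
BRIDGE-MIB::dot1dTpFdbAddress.0.13.96.170.187.204 = STRING: 0:d:60:aa:bb:cc
BRIDGE-MIB::dot1dTpFdbAddress.0.5.0.1.2.3 = STRING: 0:5:0:1:2:3
BRIDGE-MIB::dot1dTpFdbPort.0.13.96.170.187.204 = INTEGER: 50
BRIDGE-MIB::dot1dTpFdbPort.0.5.0.1.2.3 = INTEGER: 1
BRIDGE-MIB::dot1dBasePortIfIndex.1 = INTEGER: 3
BRIDGE-MIB::dot1dBasePortIfIndex.50 = INTEGER: 12
"""
SWITCH_IF_WALK = """
IF-MIB::ifName.3 = STRING: 1/1
IF-MIB::ifName.12 = STRING: 3/2
"""
TRUNK_IFINDEXES = frozenset({"3"})

if __name__ == "__main__":
    walks = {vlan_community("public", 30): VLAN30_WALK}
    print(locate("172.30.0.5", ROUTER_WALK, walks, SWITCH_IF_WALK, TRUNK_IFINDEXES))
    # -> ('00:0d:60:aa:bb:cc', 30, '3/2')
    print(locate("172.30.0.6", ROUTER_WALK, walks, SWITCH_IF_WALK, TRUNK_IFINDEXES))
    # -> ('00:05:00:01:02:03', 30, None): learned over the trunk, look upstream
```

    To run it against live gear, replace the constructed strings with the
    output of `snmpwalk -v 1 -c public <router> ipNetToMediaPhysAddress`,
    `snmpwalk -v 1 -c public@<vlan> <switch> dot1dTpFdbAddress` (and the
    dot1dTpFdbPort and dot1dBasePortIfIndex tables under the same indexed
    community), and `snmpwalk -v 1 -c public <switch> ifName`. Note that
    SNMPv1 with a community string sends the credential in clear text, so the
    management VLAN this is run from should already be one you trust; the
    "learned over a trunk" case returning None is the cue to repeat the
    lookup on the neighbouring switch rather than a failure.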
  7. papi

    papi Guest

    Very good suggestions - all - I've mentioned part of those in the other
    thread of "replies-to-answers", to my original posting. There are multiple
    ways to "skin a cat", but none with immediately useful results - a bunch
    of sed and awk one-liners, with SNMP, should give the desired output. I
    also like the "|" capability (regex) of Cisco CLI, BUT - all in all - I
    was interested in making l2trace work, though ...

    thanks again for all answers,
    papi

    P.S.: it is ipNetToMediaPhysAddress, not ipNetToPhysAddress :)

    On Sun, 15 May 2005 12:22:58 -0700, dmcollin wrote:

    > PAPI,
    >
    > STEP 1: ping the destination IP so your router knows about it and you
    > know its live
    > STEP 2: (Using Net-SNMP) 'snmpwalk -c <COMMSTRING> <router IP address>
    > ipNetToPhysAddress'
    > - this will return all the MAC-to-IP resolutions your router knows
    > of
    > STEP 3: On the switch, 'show cam dyn <MAC of target IP>'
    > - this will show you the port (or trunk) the MAC has been learned
    > through

    <snip>
    papi, May 15, 2005
    #7
  8. papi

    Guest

    Yes, yes ... ipNetToMediaPhysAddress and there are other similar ones
    that would do the trick.

    all of my L2TRACE experiences ended up with results like yours. That's
    why I went for the app.

    cheers.
    , May 16, 2005
    #8
