Check the connected switch port according to the IP address. Applicable to the CISCO Network

In the middle of a Cisco switching network, how do I find out which port of the switch is connected to the IP address of a machine? The most convenient and quick way is to use the User tracking function of the CiscoWorks 2000 LMS network management software. The graphical interface is clear at a glance.
If you do not have this software, you can use the following manual analysis method to find the answer:

Example network: the core switch is 6509 (switch engine SE uses CatOS, MSFC runs IOS software)

1. Find the MAC address corresponding to the IP Address:

You can view the ARP cache table of the system to find the MAC address corresponding to an IP address. Because ARP cannot be performed across VLANs, MSFC, the routing module connecting to each VLAN, is the best choice-generally, it has a port (interface VLAN n) in each VLAN ), correct ARP interpretation.

6509 MSFC # ping 10.10.1.65

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.1.65, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 MS
6509 MSFC # show arp | in 10.10.1.65
Internet 10.10.1.65 2 0006.2973.121d ARPA Vlan2

Through the above command, we know that the MAC address of 10.10.1.65 is 0006.2973.121d, which is the MAC address expression of IOS devices. In CatOS, it should be written as 00-06-29-73-12-1d.

2. Find the port corresponding to the MAC address on the vswitch

Listen 9se> (enable) show cam 00-06-29-73-12-1d
* = Static Entry. + = Permanent Entry. # = System Entry. R = Router Entry.
X = Port Security Entry $ = Dot1x Security Entry

VLAN Dest MAC/Route Des [CoS] Destination Ports or VCs/[Protocol Type]
----------------------------------------------------------------------
2 00-06-29-73-12-1d 9/41 [ALL]
Total Matching CAM Entries Displayed = 1

This is not to say that machines with IP address 10.10.1.65 are connected to port 9/41?

Not necessarily. If the following command shows that there is only one active MAC address on the port, the answer is yes:

Ipv9se> (enable) show cam dynamic 9/41
* = Static Entry. + = Permanent Entry. # = System Entry. R = Router Entry.
X = Port Security Entry $ = Dot1x Security Entry

VLAN Dest MAC/Route Des [CoS] Destination Ports or VCs/[Protocol Type]
----------------------------------------------------------------------
2 00-06-29-73-12-1d 9/41 [ALL]
Total Matching CAM Entries Displayed = 1

If the command shows that the port has multiple active MAC addresses, the port should be connected to another switch or HUB device, see the following example (find the switch port corresponding to the IP address 10.10.1.250 ):

6509 MSFC # ping 10.10.1.250

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.1.250, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 MS
6509 MSFC # show arp | in 10.10.1.250
Internet 10.10.1.250 4 0009.6b8c.64ec ARPA Vlan2

Listen 9se> (enable) show cam 00-09-6b-8c-64-ec
* = Static Entry. + = Permanent Entry. # = System Entry. R = Router Entry.
X = Port Security Entry $ = Dot1x Security Entry

VLAN Dest MAC/Route Des [CoS] Destination Ports or VCs/[Protocol Type]
----------------------------------------------------------------------
2 00-09-6b-8c-64-ec 3/11 [ALL]
Total Matching CAM Entries Displayed = 1
Listen 9se> (enable) show cam dy 3/11
* = Static Entry. + = Permanent Entry. # = System Entry. R = Router Entry.
X = Port Security Entry $ = Dot1x Security Entry

VLAN Dest MAC/Route Des [CoS] Destination Ports or VCs/[Protocol Type]
----------------------------------------------------------------------
1 00-03-e3-4b-06-80 3/11 [ALL]
1 00-08-02-e6-b0-cd 3/11 [ALL]
1 00-02-a5-ee-f2-4f 3/11 [ALL]
1 00-09-6b-8c-66-d6 3/11 [ALL]
1 00-09-6b-63-17-d9 3/11 [ALL]
1 00-0b-cd-03-ec-f5 3/11 [ALL]
1 00-09-6b-63-17-d8 3/11 [ALL]
1 00-08-02-e6-b0-c1 3/11 [ALL]
1 00-08-02-e6-b0-85 3/11 [ALL]
1 00-08-02-e6-b0-81 3/11 [ALL]
1 00-02-a5-ef-16-af 3/11 [ALL]
1 00-02-a5-ee-f2-93 3/11 [ALL]
1 00-02-55-c6-05-61 3/11 [ALL]
2 00-09-6b-8c-64-ec 3/11 [ALL]
1 00-08-02-e6-b0-ed 3/11 [ALL]
1 00-08-02-e6-b0-a9 3/11 [ALL]
1 00-02-55-54-7a-e0 3/11 [ALL]
1 00-02-a5-ef-15-a6 3/11 [ALL]
1 00-08-02-e6-af-8f 3/11 [ALL]
1 00-08-02-e6-b0-bd 3/11 [ALL]
1 00-0b-cd-03-db-8b 3/11 [ALL]
1 00-09-6b-8c-25-50 3/11 [ALL]
Do you wish to continue y/n [n]? N

[1] [2] Next page

Article entry: csh responsible editor: csh

Because the port is connected to another switch or HUB, you must continue tracing as follows:

Ipv9se> (enable) show cdp nei 3/11
*-Indicates vlan mismatch.
#-Indicates duplex mismatch.
Port Device-ID Port-ID Platform
----------------------------------------------------------------------------
3/11 Cisco2924 GigabitEthernet1/1 cisco WS-C2924M-XL

This command shows that the Peer device is a Cisco2924 device. If it is not displayed, it indicates that the device is connected to another manufacturer and may need to be traced to the switch in a similar way. In this example, there are Cisco devices. We can continue:

Ipv9se> (enable) show cdp nei 3/11 de
Port (Our Port): 3/11
Device-ID: Cisco2924
Device Addresses:
IP Address: 10.10.0.60
Holdtime: 153 sec
Capabilities: TRANSPARENT_BRIDGE SWITCH
Version:
Cisco Internetwork Operating System Software
IOS (tm) C2900XL Software (C2900XL-C3H2S-M), Version 12.0 (5.2) XU, MAINTENANCE INTERIM SOFTWARE
Copyright (c) 1986-2000 by cisco Systems, Inc.
Compiled Mon 17-Jul-00 :35 by ayounes
Platform: cisco WS-C2924M-XL
Port-ID (Port on Neighborss Device): GigabitEthernet1/1
VTP Management Domain: lan
Native VLAN: 1
Duplex: full
System Name: unknown
System Object ID: unknown
Management Addresses: unknown
Physical Location: unknown

Cisco2924 # show mac-address-table dynamic address 0009.6b8c.64ec
Non-static Address Table:
Destination Address Type VLAN Destination Port
-------------------------------------------------------
0009.6b8c.64ec Dynamic 2 FastEthernet0/2

Cisco2924 # show mac-address-table dynamic interface f0/2
Non-static Address Table:
Destination Address Type VLAN Destination Port
-------------------------------------------------------
0009.6b8c.64ec Dynamic 2 FastEthernet0/2

The preceding command shows that the MAC address 0009.6b8c.64ec is connected to the Cisco 2924 switch and is the only active MAC address on the port. Therefore, machines with IP address 10.10.1.250 are connected to the port.

Previous Page [1] [2]

Article entry: csh responsible editor: csh