cisco 2900xl - SNMP - Get mac address of device connected to an interface
Solution 1
I'm not sure if it's supported on 2900/IOS 12.0 but you can try to broswe dot1dTpFdbPort (.1.3.6.1.2.1.17.4.3.1.2) You need to use a special community string including the vlan for which you want to get the mac address table: community@vlan_number So if your switch is 1.2.3.4, use community snmpro and have vlan 30, try this:
snmpwalk -v2c -c snmpro@30 1.2.3.4 1.3.6.1.2.1.17.4.3.1.2
Solution 2
Radius, thanks for pointing me in the right direction. googled up a bit based on your sugestions and i think i have it now.
To anyone else who might need it, this is the procedure ....
1. get the mac address detected on a vlan (1 in this example)
snmpwalk -c public@1 -v2c 10.1.1.10 1.3.6.1.2.1.17.4.3.1.1
SNMPv2-SMI::mib-2.17.4.3.1.1.0.1.66.208.103.0 = Hex-STRING: 00 01 42 D0 67 00
SNMPv2-SMI::mib-2.17.4.3.1.1.0.1.66.208.103.1 = Hex-STRING: 00 01 42 D0 67 01
SNMPv2-SMI::mib-2.17.4.3.1.1.0.1.66.208.103.2 = Hex-STRING: 00 01 42 D0 67 02
SNMPv2-SMI::mib-2.17.4.3.1.1.0.1.66.208.103.3 = Hex-STRING: 00 01 42 D0 67 03
SNMPv2-SMI::mib-2.17.4.3.1.1.0.1.66.208.103.4 = Hex-STRING: 00 01 42 D0 67 04
SNMPv2-SMI::mib-2.17.4.3.1.1.0.1.66.208.103.5 = Hex-STRING: 00 01 42 D0 67 05
SNMPv2-SMI::mib-2.17.4.3.1.1.0.1.66.208.103.6 = Hex-STRING: 00 01 42 D0 67 06
SNMPv2-SMI::mib-2.17.4.3.1.1.0.1.66.208.103.7 = Hex-STRING: 00 01 42 D0 67 07
SNMPv2-SMI::mib-2.17.4.3.1.1.0.1.66.208.103.8 = Hex-STRING: 00 01 42 D0 67 08
SNMPv2-SMI::mib-2.17.4.3.1.1.0.1.66.208.103.9 = Hex-STRING: 00 01 42 D0 67 09
SNMPv2-SMI::mib-2.17.4.3.1.1.0.1.66.208.103.10 = Hex-STRING: 00 01 42 D0 67 0A
SNMPv2-SMI::mib-2.17.4.3.1.1.0.1.66.208.103.11 = Hex-STRING: 00 01 42 D0 67 0B
SNMPv2-SMI::mib-2.17.4.3.1.1.0.1.66.208.103.12 = Hex-STRING: 00 01 42 D0 67 0C
SNMPv2-SMI::mib-2.17.4.3.1.1.0.30.236.196.143.130 = Hex-STRING: 00 1E EC C4 8F 82
SNMPv2-SMI::mib-2.17.4.3.1.1.0.80.191.232.146.174 = Hex-STRING: 00 50 BF E8 92 AE
2. get the bridge port number for each vlan
snmpwalk -c public@1 -v2c 10.1.1.10 1.3.6.1.2.1.17.4.3.1.2
SNMPv2-SMI::mib-2.17.4.3.1.2.0.1.66.208.103.0 = INTEGER: 31
SNMPv2-SMI::mib-2.17.4.3.1.2.0.1.66.208.103.1 = INTEGER: 13
SNMPv2-SMI::mib-2.17.4.3.1.2.0.1.66.208.103.2 = INTEGER: 14
SNMPv2-SMI::mib-2.17.4.3.1.2.0.1.66.208.103.3 = INTEGER: 15
SNMPv2-SMI::mib-2.17.4.3.1.2.0.1.66.208.103.4 = INTEGER: 16
SNMPv2-SMI::mib-2.17.4.3.1.2.0.1.66.208.103.5 = INTEGER: 17
SNMPv2-SMI::mib-2.17.4.3.1.2.0.1.66.208.103.6 = INTEGER: 18
SNMPv2-SMI::mib-2.17.4.3.1.2.0.1.66.208.103.7 = INTEGER: 19
SNMPv2-SMI::mib-2.17.4.3.1.2.0.1.66.208.103.8 = INTEGER: 20
SNMPv2-SMI::mib-2.17.4.3.1.2.0.1.66.208.103.9 = INTEGER: 22
SNMPv2-SMI::mib-2.17.4.3.1.2.0.1.66.208.103.10 = INTEGER: 23
SNMPv2-SMI::mib-2.17.4.3.1.2.0.1.66.208.103.11 = INTEGER: 24
SNMPv2-SMI::mib-2.17.4.3.1.2.0.1.66.208.103.12 = INTEGER: 25
SNMPv2-SMI::mib-2.17.4.3.1.2.0.30.236.196.143.130 = INTEGER: 15
SNMPv2-SMI::mib-2.17.4.3.1.2.0.80.191.232.146.174 = INTEGER: 13
SNMPv2-SMI::mib-2.17.4.3.1.2.255.255.255.255.255.255 = INTEGER: 0
3. get bridge port number to ifindex mapping
snmpwalk -c public@1 -v2c 10.1.1.10 1.3.6.1.2.1.17.1.4.1.2
SNMPv2-SMI::mib-2.17.1.4.1.2.13 = INTEGER: 2
SNMPv2-SMI::mib-2.17.1.4.1.2.14 = INTEGER: 3
SNMPv2-SMI::mib-2.17.1.4.1.2.15 = INTEGER: 4
SNMPv2-SMI::mib-2.17.1.4.1.2.16 = INTEGER: 5
SNMPv2-SMI::mib-2.17.1.4.1.2.17 = INTEGER: 6
SNMPv2-SMI::mib-2.17.1.4.1.2.18 = INTEGER: 7
SNMPv2-SMI::mib-2.17.1.4.1.2.19 = INTEGER: 8
SNMPv2-SMI::mib-2.17.1.4.1.2.20 = INTEGER: 9
SNMPv2-SMI::mib-2.17.1.4.1.2.22 = INTEGER: 10
SNMPv2-SMI::mib-2.17.1.4.1.2.23 = INTEGER: 11
SNMPv2-SMI::mib-2.17.1.4.1.2.24 = INTEGER: 12
SNMPv2-SMI::mib-2.17.1.4.1.2.25 = INTEGER: 13
4. get the ifname
snmpwalk -c public@1 -v2c 10.1.1.10 1.3.6.1.2.1.31.1.1.1.1
IF-MIB::ifName.1 = STRING: VL1
IF-MIB::ifName.2 = STRING: Fa0/1
IF-MIB::ifName.3 = STRING: Fa0/2
IF-MIB::ifName.4 = STRING: Fa0/3
IF-MIB::ifName.5 = STRING: Fa0/4
IF-MIB::ifName.6 = STRING: Fa0/5
IF-MIB::ifName.7 = STRING: Fa0/6
IF-MIB::ifName.8 = STRING: Fa0/7
IF-MIB::ifName.9 = STRING: Fa0/8
IF-MIB::ifName.10 = STRING: Fa0/9
IF-MIB::ifName.11 = STRING: Fa0/10
IF-MIB::ifName.12 = STRING: Fa0/11
IF-MIB::ifName.13 = STRING: Fa0/12
IF-MIB::ifName.14 = STRING: Nu0
so in this case the 2 mac addresses on vlan 1 are on interfaces Fa0/1 and Fa0/3
Related videos on Youtube
ankit
Updated on September 17, 2022Comments
-
ankit over 1 year
Basically what i want to do is to find out what is the mac address of a device plugged in to an interface on the switch (FastEthernet0/1 for example)
reading through the switch documentaion i found out that i can configure snmp trap on it to make it notify of any new mac address the switch detects by using the command
snmp-server enable traps mac-notifiction
but for some reason my switch does not support this feature. the only options i see are
CORE_SWITCH(config)#snmp-server enable traps ? c2900 Enable SNMP c2900 traps cluster Enable Cluster traps config Enable SNMP config traps entity Enable SNMP entity traps hsrp Enable SNMP HSRP traps snmp Enable SNMP traps vlan-membership Enable VLAN Membership traps vtp Enable SNMP VTP traps <cr>
so the other way would be for me to run a cronjon on my gateway to poll the switch periodically using snmp to get new mac addresses
i have looked everywhere but cant seem to find the OID that would provide me this information.
any help i can get would me very much appreciated !
here's the output from "show version" on my switch
Cisco Internetwork Operating System Software IOS (tm) C2900XL Software (C2900XL-C3H2S-M), Version 12.0(5.4)WC(1), MAINTENANCE INTERIM SOFTWARE Copyright (c) 1986-2001 by cisco Systems, Inc. Compiled Tue 10-Jul-01 11:52 by devgoyal Image text-base: 0x00003000, data-base: 0x00333CD8 ROM: Bootstrap program is C2900XL boot loader CORE_SWITCH uptime is 1 hour, 24 minutes System returned to ROM by power-on System image file is "flash:c2900XL-c3h2s-mz.120-5.4.WC.1.bin" cisco WS-C2912-XL (PowerPC403GA) processor (revision 0x11) with 8192K/1024K bytes of memory. Processor board ID FAB0409X1WS, with hardware revision 0x01 Last reset from power-on Processor is running Enterprise Edition Software Cluster command switch capable Cluster member switch capable 12 FastEthernet/IEEE 802.3 interface(s) 32K bytes of flash-simulated non-volatile configuration memory. Base ethernet MAC Address: 00:01:42:D0:67:00 Motherboard assembly number: 73-3397-08 Power supply part number: 34-0834-01 Motherboard serial number: FAB040843G4 Power supply serial number: DAB05030HR8 Model revision number: A0 Motherboard revision number: C0 Model number: WS-C2912-XL-EN System serial number: FAB0409X1WS Configuration register is 0xF
thanks, -ankit
-
ankit over 13 yearsok did some googling . its actually community_string@vlan. using that and the OID 1.3.6.1.2.1.17.4.3.1.1 i get ... SNMPv2-SMI::mib-2.17.4.3.1.1.0.30.236.196.143.130 = Hex-STRING: 00 1E EC C4 8F 82 along with other MAC addresses. Question is how do I correlate them with what interface / port they are being detected on ?
-
radius over 13 yearsI think you answered yourself ;)
-
radius over 13 yearsNote that if you do some kind of script you probably don't need 1.3.6.1.2.1.17.4.3.1.1 as mac address is already in decimal in 1.3.6.1.2.1.17.4.3.1.2 OID's. (you can easily convert them). These OID's also work for IOS 12.1 but for IOS 12.2 you might also need 1.3.6.1.4.1.9.5.1.4.1.1.11 to map port id with port name
-
ankit over 13 yearsyep .. figured that when i started coding !
-
johndodo over 11 years@radius: that is only mostly true. On Extreme switch I have at hand some MACs are written as 5 digit entities (which is wrong). So you still need to use 1.3.6.1.2.1.17.4.3.1.1 to be on the safe side.
-
radius about 11 years@johndodo: question was about cisco device. Sure that for other vendors it might not work in the same way