Determine switches between devices on LAN

Solution 1

If they are Cisco switches (high probability) and they have CDP turned on (decently high probability) then you can sniff the network for CDP traffic.

CDP is a link layer protocol that can help you determine layer 2 topologies (exactly what you're looking for).

More on the protocol: http://en.wikipedia.org/wiki/Cisco_Discovery_Protocol

CDP is Cisco proprietary, but there are similar things from other vendors and an 'official' standard called LLDP.

http://en.wikipedia.org/wiki/Link_Layer_Discovery_Protocol

On most Linux hosts you can install a package called 'cdpr' that will sniff and report back a decoded CDP frame if it receives one.

The above method would let you know what switch your end point devices are plugged into, but you'll be missing any intermediate switch hops in the middle.

If you're not seeing any CDP or LLDP frames, you can make a little bit of inference about what switching topology you're connected to by looking at the Spanning Tree addressing.

Best of Luck.
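What a sniffer decodes from an LLDP frame, shown as an added example that is not part of the original answer. The frame is constructed inline and every address and name in it is made up; the parser handles untagged frames only.

```python
import struct

LLDP_ETHERTYPE = 0x88CC
TEXT_TLVS = {4: "port_description", 5: "system_name"}
MAC_SUBTYPE = {1: 4, 2: 3}  # TLV type -> ID subtype that means "MAC address"

def tlv(tlv_type, value):
    """Encode one TLV: 7-bit type and 9-bit length, followed by the value."""
    return struct.pack("!H", (tlv_type << 9) | len(value)) + value

def sample_frame():
    """Constructed LLDP frame (all addresses and names are made up)."""
    switch_mac = bytes.fromhex("020000aa0001")
    header = bytes.fromhex("0180c200000e") + switch_mac + struct.pack("!H", LLDP_ETHERTYPE)
    return (header
            + tlv(1, b"\x04" + switch_mac)      # chassis ID given as a MAC address
            + tlv(2, b"\x05Gi0/10")             # port ID given as an interface name
            + tlv(3, struct.pack("!H", 120))    # time to live, in seconds
            + tlv(5, b"access-sw-1")            # system name
            + tlv(0, b""))                      # end of LLDPDU

def parse_lldp(frame):
    """Return neighbour details from an untagged LLDP frame, or None if not LLDP."""
    if len(frame) < 14 or struct.unpack("!H", frame[12:14])[0] != LLDP_ETHERTYPE:
        return None
    info = {"source_mac": frame[6:12].hex(":")}
    offset = 14
    while offset + 2 <= len(frame):
        head = struct.unpack("!H", frame[offset:offset + 2])[0]
        tlv_type, length = head >> 9, head & 0x1FF
        value = frame[offset + 2:offset + 2 + length]
        if len(value) != length:
            raise ValueError("truncated TLV at offset %d" % offset)
        offset += 2 + length
        if tlv_type == 0:                       # end of LLDPDU
            break
        if tlv_type in MAC_SUBTYPE and value:
            key = "chassis_id" if tlv_type == 1 else "port_id"
            subtype, ident = value[0], value[1:]
            is_mac = subtype == MAC_SUBTYPE[tlv_type] and len(ident) == 6
            info[key] = ident.hex(":") if is_mac else ident.decode("utf-8", "replace")
        elif tlv_type == 3 and length >= 2:
            info["ttl"] = struct.unpack("!H", value[:2])[0]
        elif tlv_type in TEXT_TLVS:
            info[TEXT_TLVS[tlv_type]] = value.decode("utf-8", "replace")
    return info

if __name__ == "__main__":
    print(parse_lldp(sample_frame()))
```

The chassis ID and port ID identify the directly attached switch and the port the host is patched to, which matches the answer's point that only the first hop is visible from an end host.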

Solution 2

Without having access to the switch to trace MAC addresses (i.e. you know device A is patched to switch 1 port 10, you would then search for the MAC of device B and trace it to the port it is connected to), there is no way to find out how many switches are between two devices.
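The hop-by-hop MAC trace described above, as an added example that is not part of the original answer. The tables are constructed rows in Cisco IOS `show mac address-table` style, and the switch names, MACs and the `UPLINKS` map of inter-switch links are assumptions made for illustration.

```python
import re

# Constructed "show mac address-table" rows (Cisco IOS style), one table per switch.
TABLES = {
    "sw1": """Vlan    Mac Address       Type        Ports
   1    0011.2233.4455    DYNAMIC     Gi0/10
   1    00aa.bbcc.ddee    DYNAMIC     Gi0/24""",
    "sw2": """Vlan    Mac Address       Type        Ports
   1    0011.2233.4455    DYNAMIC     Gi0/1
   1    00aa.bbcc.ddee    DYNAMIC     Gi0/24""",
    "sw3": """Vlan    Mac Address       Type        Ports
   1    0011.2233.4455    DYNAMIC     Gi0/1
   1    00aa.bbcc.ddee    DYNAMIC     Gi0/7""",
}
# Assumed to be known from patching records: (switch, port) -> neighbouring switch.
UPLINKS = {("sw1", "Gi0/24"): "sw2", ("sw2", "Gi0/1"): "sw1",
           ("sw2", "Gi0/24"): "sw3", ("sw3", "Gi0/1"): "sw2"}
ROW = re.compile(r"^\s*\d+\s+((?:[0-9a-f]{4}\.){2}[0-9a-f]{4})\s+\S+\s+(\S+)\s*$", re.I)

def normalize(mac):
    """Reduce any common MAC notation to 12 lowercase hex digits."""
    return re.sub(r"[^0-9a-f]", "", mac.lower())

def parse_table(text):
    """Map each learned MAC to the port it was learned on; non-row lines are skipped."""
    rows = (ROW.match(line) for line in text.splitlines())
    return {normalize(m.group(1)): m.group(2) for m in rows if m}

def trace(start_switch, mac):
    """Follow a MAC from switch to switch; return the (switch, port) hops in order."""
    tables = {name: parse_table(text) for name, text in TABLES.items()}
    path, switch, seen = [], start_switch, set()
    while switch is not None:
        if switch in seen:
            raise ValueError("forwarding loop via " + switch)
        seen.add(switch)
        port = tables[switch].get(normalize(mac))
        if port is None:
            raise LookupError(mac + " not learned on " + switch)
        path.append((switch, port))
        switch = UPLINKS.get((switch, port))   # None once an access port is reached
    return path

if __name__ == "__main__":
    for hop in trace("sw1", "00:AA:BB:CC:DD:EE"):
        print(*hop)
```

Dynamic entries age out of the table, so a MAC that has been silent for a while raises `LookupError`; having the two devices exchange traffic first repopulates the entries.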

Solution 3

The only way to do this is with access to the switches themselves. If all you have access to are end hosts, it will not be possible for you to obtain information about the full topology.

If you are the network administrator, I would recommend documenting your physical topology manually ASAP. There may be open source and/or vendor tools that help you get started, but your network topology should be something you keep track of and modify in a planned way, rather than something you periodically discover.

If you are a user of the network who would like to know the topology, your best option is to speak to your administrator about making this information available through some sort of self service portal or API.

Solution 4

I know my answer is not exactly on the current topic, but I hope someone will google something similar and I can help.

So, assume you have a box you have access to and you have a peer. You already know the IP address of this peer (we will not discuss here how to determine it).

That's all: a box you have access to and the IP address of the peer. You need to know whether there is a switch between you and the peer.

Craft an ARP request packet:

20:17:09.761940 ff:ff:ff:ff:ff:ff > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 10.200.200.101 tell 10.200.200.221, length 28

The idea is having ff:ff:ff:ff:ff:ff as the source MAC. In case there is NO switch on your way, you will receive an answer:

20:17:09.762234 08:00:27:7b:b0:d7 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Reply 10.200.200.101 is-at 08:00:27:7b:b0:d7, length 28

A switch will not allow an ARP reply with a broadcast MAC address. So if you DIDN'T receive an answer, you DO have a switch on your way.

Author by

Justin Myles Holmes

Updated on September 17, 2022

Comments

  • Justin Myles Holmes over 1 year

    I'm on a network where most devices are DHCP. If I have a few switches between device A and a DHCP server, how can I find out what they are?

    traceroute just gives me 1 hop, regardless of the number of switches between device A and the DHCP server.

    • Saurabh Barjatiya over 13 years
      Add switch type/make/model info to question so that people can answer appropriately.
  • Justin Myles Holmes over 13 years
    I do have access to the switch. Can you explain this process a bit more or do you have a link where I can read more about it?
  • icyrock.com over 13 years
    Hm... I think you are mostly out of luck here. Switches have only MAC addresses, they don't have IP addresses, so none of the IP tools (like ping and traceroute) will see or even care there are switches. There might be some low-level tool that does this, but I am not aware of any. Hope others can shed more light...
  • pat over 13 years
    Depending on the type of switches they are, basically you need to look at the ARP table within the switch that device A is connected to and look for the MAC of device B. The ARP table should tell you which port it discovered that MAC from; if that is another switch, repeat this process until you find the switch that device B is connected to. Other than that, you can physically inspect the switches and probably figure it out.
  • Justin Myles Holmes over 13 years
    This is a very small network, and I'm already working on documenting it manually. This is actually more of an exercise than anything. I do have access to the switches, but I don't know how to inspect the ARP tables as payload suggests.
  • Andras Balázs Lajtha over 13 years
    You should be looking for MAC ADDRESS TABLEs, not ARP tables. MAC address tables are learned mappings of MAC addresses to ports. ARP tables are mappings of MAC addresses to IPs.
  • pat over 13 years
    Yes, what Joel K said, it was prior to my morning coffee :)
  • Murali Suriar over 13 years
    What brand and model of switches do you have deployed? Depending on the answer, your problem is either fairly difficult or relatively straightforward. :)