Solved

SuSE arp table

Posted on 2006-10-29
Last Modified: 2012-06-27
Hi Gurus,

I just started a new job. We have a few switches which have multiple subnets. I have to redesign and install new switches to replace the old switches. Looking into the switch configuration files, I can see which ports are assigned to which VLAN, but since it's layer 2, I don't know which IP subnet is assigned to which VLAN for the different groups of devices. It's very hard to trace cables to devices. What I would like to know is how to display the arp table in SuSE Linux, so that I can see the ip-mac mapping, and then, by switch port mac address, find out which ports are assigned to which subnet. I know in Windows one can ping an ip number and then display the arp table by using the arp -a command to see the ip-mac mapping, meaning rarp. I am new to Linux and would like to know if there is any command that would display all arp entries, and also how to get those entries into the arp table. Basically I know the mac addresses and would like to know the ip addresses.

Your help will be appreciated.

Thanks, Leo
Question by:msaalim
20 Comments
 
LVL 43

Expert Comment

by:ravenpl
ID: 17832153
cat /proc/net/arp
/sbin/arp -n # You may need to fill the table first with: ping -c3 some.ip.add.ress
/sbin/ip addr # for self
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 17832982
Hi,

Since you are using a Layer-2 switch, I guess your switch is not IP routing capable (Layer-3/4). It means that all your VLANs must be concentrated in one router. So you can see VLANs and the ports assigned to them. This is something.

Next you will go find your router (where all VLANs are connected for intra segment routing). In fact, when you've purchased a new switch with Layer 3 or 4 functionality, you will create all the VLANs as they exist today; what you will really do would be to remove the router and use the internal logic and backbone to perform intra segment routing.

In fact, in this sense MAC addresses would be the last thing you will need for this work. Furthermore, the arp table contains only the "known" hosts, i.e., any host that your host had a transaction with, but does not contain other hosts in the same segment with which it did not exchange data, while including entries for the hosts in other segments with which your host had a transaction.

Cheers,
K.
0
 

Author Comment

by:msaalim
ID: 17833265
I don't have access to our routing switch. That is managed by another company. But I guess I got the solution for arp table display.

Thanks K for your help.
0
 

Author Comment

by:msaalim
ID: 17833359
I tried the following commands, but it's only showing its own interface ip-mac mapping. Even though I am using ping -c3 xxx.xxx.xxx for other devices and then running /sbin/arp -n, it is still showing only the interfaces of the system I am running the command from, and not showing any other devices' mapping. Still need help.

ping -c3 some.ip.add.ress
/sbin/arp -n
0
 
LVL 43

Expert Comment

by:ravenpl
ID: 17833411
> and not showing any other devices mapping.
Of course not. How could Your box be aware of the arp table from another machine? There's no global arp table!
But maybe another way: if You need to find the MAC for a particular IP, try
arping -c1 IP
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 17833542
Imsali, this is what I tried to say earlier. You have mac addreses of the systems in your segment that you've comunicated and your router mac mor interfaces other than your segment. This is how you communcate with these systems. As ravenpl indicated there's nothing like a global arp table. Furtermore the entries in your arp cache are removed once they are not accessed for a while. Remeber I told you :) arp reulds would be the last thing you'd ever require to achieve what you have to do :))
 
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 17833578
Oops, lots of typos. The English version follows; sorry for the typos.

msaalim, this is what I tried to say earlier. You have the mac addresses of the systems in your segment that you've communicated with, and your router's mac address for hosts outside of your segment, and sometimes the mac addresses of your backbone router's other interfaces that connect segments to the backbone. This is how you communicate with these hosts. As ravenpl indicated, there's nothing like a global arp table. Furthermore, the entries in your arp cache are removed once they are not accessed for a while. Remember I told you :) arp results would be the last thing you'd ever require to achieve what you want to accomplish :))
0
 

Author Comment

by:msaalim
ID: 17833967
My understanding is that if you can ping an ip and get an echo reply, that entry should be put into your system arp table, whether it's in your segment or in a different segment, and then when you display arp -n, it should display all the entries. The system I am using is a multi-homed system and has access to more than one segment. Even though our switches are running layer 2 and we don't have access to our vlan routing switch, of course the devices connected to the switches have IPs assigned, and I am trying to figure out which vlan has which ip subnet, so that I can use the same interface range for the same ip subnet on the new switches.

Leo
0
 
LVL 43

Expert Comment

by:ravenpl
ID: 17834013
> whether it's in your segment or in a different segment
No - only the local segment! For remote LAN segments You get cached only the MAC for the router (gateway).
In other words - scanning ARP You can only get MACs from within the vlans You are connected to.
0

 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 17834169
Just as you direct the traffic to your default gateway, arp does the same; in fact ARP is the underlying protocol to your TCP/IP sessions. So all you have is your local MAC addresses plus your default gateway's IP representing other networks that you reach via your default gateway.

If you need insight into the queries etc., just run Wireshark (the new name of Ethereal) to see what happens at the protocol level.

You know what they say: "complex problems have simple, easy-to-understand and wrong answers". In fact this is how the ARP protocol runs. I know you'd thought that it would be a large table for you listing all the IPs and their MAC addresses, but unfortunately it does not work like that. Just think: if it were to operate as you had thought, it would be a big large table including all the MACs from all around the world once we had pinged a host at the other end of the world. The table would contain all the MAC addresses from each gateway it travels through, and they would hang around there like forever. Then even the simplest ping or DNS query would create a whole load of MACs flooding back to the originator, creating ICMP storms all over the world; I don't want to think of network broadcasts etc. Please take a look at RFC 826, which defines the ARP protocol, and especially at the chapter "Why it is done this way?" or just click here:
http://www.freesoft.org/CIE/RFC/826/7.htm


For more information on the ARP protocol:
http://en.wikipedia.org/wiki/Address_Resolution_Protocol
http://www.freesoft.org/CIE/Topics/61.htm


The bottom line is unfortunately arp is not the tool you are going for.
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 17834186
Sooner or later you need the routing info from the company which has access to the backbone routing information, and to replace that box you will need the routing table in it.

Cheers,
K.
0
 

Author Comment

by:msaalim
ID: 17836563
I understand your point, but in my case the system I am using is multihomed and has 4 NICs, each connected to a different subnet. This system has access to all the subnets, and I should be able to ping each subnet's devices and get the entries in the arp table...

Leo
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 17838581
OK. For each system you ping that is connected to one of the physical interfaces of your multihomed system, the table includes the MAC address of the pinged host; if the system you ping is not attached physically, it will place only your gateway to that host.
0
 

Author Comment

by:msaalim
ID: 17842673
Then how can I switch from one physical interface to the other on the system, so that I should be able to ping and display arp for each subnet separately. Also do you know the command for displaying all physical interface configuration. I used IFCONFIG, but it didn't work, I get message -bash: ifconfig: command not found.

Leo
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 17842874
It is ifconfig. It seems that you are not logged into the system as root. System admin commands located  in /usr/sbin and /usr/bin are not a part of the path for users other than root. Try logging in as root or "su - root". You need to have the root password.
0
 
LVL 43

Accepted Solution

by:
ravenpl earned 250 total points
ID: 17843563
Why do You want to use ifconfig? Sorry - but I'm not following...
If You have access to each VLAN without routing - then if You are looking for the MAC for IP1, simply type (as root)
/sbin/arping -c3 -I eth0.0 IP1 # should show the MAC assigned to IP1 or the ping will fail. Use the appropriate vlan device instead of eth0.0
0
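An added example, not part of the original thread: once the ARP cache of the multihomed host has been filled per interface (ping or arping, as in the answers above), its contents can be joined on MAC address with the switch's MAC-address table to see which subnet each VLAN carries. Both inputs are constructed samples, the switch table layout (VLAN, MAC, port) is hypothetical, and the /24 prefix is an assumption.

```python
import ipaddress
from collections import defaultdict

# Constructed sample in the /proc/net/arp layout (not taken from the thread).
ARP_SAMPLE = """\
IP address       HW type     Flags       HW address            Mask     Device
10.1.10.21       0x1         0x2         00:16:3e:00:0a:15     *        eth0
10.1.10.22       0x1         0x2         00:16:3e:00:0a:16     *        eth0
10.1.10.99       0x1         0x0         00:00:00:00:00:00     *        eth0
10.1.20.5        0x1         0x2         00:16:3e:00:14:05     *        eth1
"""

# Constructed switch MAC-address table (hypothetical layout): VLAN, MAC, port.
SWITCH_SAMPLE = """\
10  0016.3e00.0a15  Fa0/1
10  0016.3e00.0a16  Fa0/2
20  0016.3e00.1405  Fa0/13
"""

ATF_COM = 0x02  # kernel flag: entry is complete (a MAC was actually resolved)

def norm_mac(mac):
    # Reduce colon, dash or dotted notation to 12 lowercase hex digits.
    return "".join(c for c in mac.lower() if c in "0123456789abcdef")

def parse_arp(text):
    """Return {mac: (ip, device)} for resolved entries only."""
    out = {}
    for line in text.splitlines()[1:]:            # skip the header row
        f = line.split()
        if len(f) != 6 or not int(f[2], 16) & ATF_COM:
            continue                              # incomplete: no ARP reply seen
        out[norm_mac(f[3])] = (ipaddress.ip_address(f[0]), f[5])
    return out

def vlan_subnets(arp_text, switch_text, prefix=24):
    """Join both tables on MAC; return {vlan: {network: [(port, ip), ...]}}."""
    arp = parse_arp(arp_text)
    result = defaultdict(lambda: defaultdict(list))
    for line in switch_text.splitlines():
        vlan, mac, port = line.split()
        hit = arp.get(norm_mac(mac))
        if hit:                                   # MAC seen on a local segment
            net = ipaddress.ip_network(f"{hit[0]}/{prefix}", strict=False)
            result[int(vlan)][net].append((port, str(hit[0])))
    return result

if __name__ == "__main__":
    for vlan, nets in sorted(vlan_subnets(ARP_SAMPLE, SWITCH_SAMPLE).items()):
        print(vlan, {str(n): hosts for n, hosts in nets.items()})
```

A VLAN that comes back with more than one network means either the assumed prefix is wrong or a port is in the wrong VLAN. ARP replies are unauthenticated, so treat the result as an inventory aid and confirm it against the switch's own table.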
 
LVL 30

Assisted Solution

by:Kerem ERSOY
Kerem ERSOY earned 250 total points
ID: 17843887
ravenpl,

Wernher von Braun once said, "Basic research is what I am doing when I don't know what I am doing." I guess he is considering his options in general :)
0
 

Author Comment

by:msaalim
ID: 17965371
Thanks guys, problem is solved.
0
