• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2959
  • Last Modified:

sho arp doesn't show mac-address and sho mac-address doesn't show the interface where ip is located

I have 3 Cisco 3750 switches that are connected via trunk links to each other.  When I do:
ping 172.31.6.11
sho arp

on 1 of my switches it doesn't even show the ip and the coresponding mac-address.  This particular host is physically plugged into port 10 on that switch.  
on the 2nd or 3rd switch switches it shows the mac-address and it's the same mac-address for a lot of different ip addresses, meaning that these ips are located on a different switch.  I follow it up the chain and then when I get to the 1st switch and I try to do a "sho mac-address-table", it shows that it's going out of interface 1/0/1 which goes out to another location across town.  

Here's my config for that 1st switch where this host is located:
Current configuration : 8085 bytes
!
! Last configuration change at 15:07:48 PDT Tue Oct 9 2007 by admin
! NVRAM config last updated at 15:10:07 PDT Wed Sep 19 2007 by admin
!
version 12.2
no service pad
service timestamps debug datetime localtime
service timestamps log datetime localtime
service password-encryption
!
hostname 1st3750
!
enable password 7 094D4C0A0D
!
username damiens privilege 15 password 7 070833494B071E0C161C1F
username admin privilege 15 secret 5 $1$/6HF$Gm0.fqpPuvmoiM3tDoDuh1
no aaa new-model
clock timezone PST -8
clock summer-time PDT recurring
switch 1 provision ws-c3750g-24ts
vtp domain TEST
vtp mode transparent
ip subnet-zero
ip cef load-sharing algorithm universal CB41AB75
ip domain-name dcipa.com
ip name-server 172.16.x.x
ip name-server 172.16.x.x
!
!
mls qos
!
crypto pki trustpoint TP-self-signed-3281851776
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3281851776
 revocation-check none
 rsakeypair TP-self-signed-3281851776

no file verify auto
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 99
 name voice
!
vlan 100
 name IT
!
vlan 120
 name TEST
!
vlan 121
 name ABC-Servers
!
vlan 300
 name management
!
interface GigabitEthernet1/0/1
 description to HMP
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface GigabitEthernet1/0/2
 switchport access vlan 100
 switchport voice vlan 99
 spanning-tree portfast
!
interface GigabitEthernet1/0/3
 switchport access vlan 100
 switchport voice vlan 99
 spanning-tree portfast
!
interface GigabitEthernet1/0/4
 switchport access vlan 100
 switchport voice vlan 99
 spanning-tree portfast
!
interface GigabitEthernet1/0/5
 switchport access vlan 100
 switchport voice vlan 99
 spanning-tree portfast
!
etc, etc......
interface GigabitEthernet1/0/22
 switchport access vlan 100
 switchport voice vlan 99
 spanning-tree portfast
!
interface GigabitEthernet1/0/23
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface GigabitEthernet1/0/24
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface GigabitEthernet1/0/25
!
interface GigabitEthernet1/0/26
!
interface Vlan1
 no ip address
 no ip route-cache
 shutdown
!
interface Vlan300
 ip address 172.30.x.x 255.255.255.0
 no ip route-cache
!
ip default-gateway 172.30.x.x
ip classless
ip http server
no ip http secure-server
!
snmp-server community abct RW
snmp-server community public RO
!
control-plane
 
0
Florescu
Asked:
Florescu
  • 4
  • 3
1 Solution
 
Don JohnstonInstructorCommented:
>When I do: ping 172.31.6.11... on 1 of my switches it doesn't even show the ip and the coresponding mac-address.

>interface Vlan300
> ip address 172.30.x.x 255.255.255.0

If I understand your issue correctly, you won't see an ARP entry for the IP address 172.31.6.11 if the source IP address is 172.30.x.x. They're on different networks.

BTW, there's no need to hide your IP addresses if they're private. Your password hash is something you would want to hide though.
0
 
FlorescuAuthor Commented:
I understand that but I have a bunch of different VLANs on the switch.  If I'm trying to see the ARP table for all the IPs in all the different VLANs, how should I proceed?
0
 
Don JohnstonInstructorCommented:
You will ONLY have entries for devices on IP networks that you are part of.

If you were to do this on a multilayer switch then you could generate traffic to the directly connected networks and see the ARP cache fill.
0
Shaping tomorrow’s technology leaders, today

The leading technology companies all recognize the growing need for gender diversity. Through its Women in IT scholarship program, WGU is working to reverse this trend by empowering more women to earn IT degrees and become tomorrow’s tech-industry leaders.  

 
FlorescuAuthor Commented:
I figured it out.  I have to do a sho arp on the device that does the routing between the VLANs.  Then I was able to get the mac-address and follow that thru the switches to see what port it was on.
0
 
Don JohnstonInstructorCommented:
Yeah. That's what I meant. Multilayer switch, router, layer 3 switch, etc.
0
 
FlorescuAuthor Commented:
Not to beat a dead horse but when I go to my Cisco 6513 (multi layer switch) and I try to ping a different address in a different vlan/subnet and then do a

sho arp | include 172.16.0.30

it doesn't show anything.

If I do:
sho arp | include 172.31.6.11  

it shows the mac address and the vlan.  

The IP 172.16.0.30 is physically connected to one of the ports on the 6513.  The IP 172.31.6.11 is not physically connected to the 6513.  
0
 
Don JohnstonInstructorCommented:
It doesn't matter if it's physically connected. What matter is if it's on the same broadcast domain.

On this 6513, is there a layer 3 interface on the 172.16.0.0 network? Is there a layer 3 interface on the 172.31.6.0 network?

My guess is no to the former and yes to the latter.
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now