Solved

Cisco Catalyst - Show MAC address of all connected devices

Posted on 2013-05-16
3
2,089 Views
Last Modified: 2013-05-18
Hello,

I have a Cisco infrastructure setup with several switches connecting to a CORE infrastructure:

Cisco Catalyst 3750: Core
Cisco Catalyst 3560#1:  PC Switch
Cisco Catalyst 3560#2:  PC Switch
Cisco Catalyst 3560#3:  PC Switch
Cisco Catalyst 3560#4:  PC Switch
Cisco Catalyst 3560#5:  PC Switch
Cisco Catalyst 3560#6:  PC Switch

- Each switch is connected to the 3750 core via a (2) port port-channel group (port-channel group 1 going to switch 1, port-channel group 2 going to switch 2, etc...).
- The Core switch has 10 VLANs configured on it, and is setup in layer 3 mode.
- The Core switch is setup as VTP server.
- Every switch is setup as VTP client, so all VLAN's in the core are available to all switches.
- 90% of the environment is on a PC VLAN (VLAN 100).
- 10% of the environment (servers) is setup on a SERVER VLAN (VLAN 2)
- Each switch (other than the Core) has an IP address on the server VLAN for management (192.168.2.11 for switch 1, 192.168.2.12 for switch 2, etc...)
- The Core switch has an IP interface for each VLAN:
     . VLAN 100 = 192.168.100.1/24
     . VLAN 2 = 192.168.2.1/24
     . Default route of the Core switch is to the firewall, 192.168.2.254
- Every VLAN interface that is servicing clients that need dynamic addressing has an "ip-helper" address setup on the IP interface pointing to the (2) DHCP servers serving the clients (192.168.2.100, 192.168.2.101)
- Most ports are setup as "Switchport access VLAN 100".

Everything is working fine as far as routing and DHCP addressing goes.  Today, however, I was trying to track down what port a particular client is in and I was not able to track it down.  Here's what I was trying to do:

1. From management station, ping NetBios name of PC to get IP address.  Received 192.168.100.54.
2.  Connected to CLI of Core Switch, did "show arp | include 192.168.100.54" and got the MAC address of 192.168.100.54.
3.  From CLI of Core switch, did, "show mac address-table | include [mac address]" and got "100        [MAC address]      DYNAMIC         Po2"  which tells me it's in VLAN100 (as expected), the MAC address (as expected), the type of address (DYNAMIC, as expected, as it was learned from a connected device) and the port that it was learned from (port-channel 2, which tells me this client should be connected to switch #2).
4.  Connected to CLI of switch #2, did, "show mac address-table | inc [mac address]" and received the same message of "100        [MAC address]      DYNAMIC         Po2".

At each switch, we name the port-channel group the same as the port-channel group servicing the switch from the core so that it's easy to follow frontwards and backwards.

Why can I not track down the MAC address of the clients that are connected to my distribution switches?  Is there a better way to be setup?  Is it setup wrong?  Or is there another command to list all of the MAC addresses of connected clients?  I seem to remember viewing a CAM table long ago, but cannot find any references to a command doing this.  

Help is appreciated, thanks!
0
Comment
Question by:jkeegan123
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 28

Expert Comment

by:asavener
ID: 39172522
Show mac-address-table is essentially the same data as the CAM table; it's just in human-readable format.

The MAC address table is always local to the switch, so I don't know of a way to locate a particular MAC address in a particular switch without doing something similar to what you just described.

I suppose there's a way to script it or to pull the info from SNMP.
0
 
LVL 5

Author Comment

by:jkeegan123
ID: 39172700
what is the command to view the CAM table?
0
 
LVL 28

Accepted Solution

by:
asavener earned 500 total points
ID: 39172732
Depends on the version that you're running.

"show cam dynamic" worked on the CATOS switches.

"show mac-address-table" is probably what you want to use, though.
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Before I go to far, let's explain HA (High Availability) and why you should consider it.  High availability is the mechanism used to provide redundancy to any service at the same site and appears as a single service to the users of that service.  As…
Is your computer hacked? learn how to detect and delete malware in your PC
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question