Solved

Bad Switch Mac Address

Posted on 2013-11-19
4
356 Views
Last Modified: 2013-12-09
Hello,
I am currently having a problem in my network where there is a device that I’m not aware of that is trying to become the Root Switch, the Mac address of this device is  showing up as an manufacture I’m not using, Is there a good way to track down were the device could be located?

Thanks
0
Comment
Question by:ahmad1467
  • 2
4 Comments
 

Expert Comment

by:Dhurken
ID: 39660040
What model switches are you using?
0
 
LVL 12

Expert Comment

by:Infamus
ID: 39660150
If it is Cisco switch, you can run one of the following command depends on the version of IOS.

sh mac address-table address xxxx.xxxx.xxxx

sh mac-address-table address xxxx.xxxx.xxxx

This will tell you which switch port the MAC address is connected to.
0
 

Expert Comment

by:Dhurken
ID: 39660180
As a follow up to Infamus, if you have a larger infrastructure, you may end up hopping from switch to switch to track down the actual switchport where the device is connected.

If so, you can use sh cdp neighbors detail to see the other Cisco devices connected to your current switch.
0
 
LVL 17

Accepted Solution

by:
TimotiSt earned 500 total points
ID: 39660334
If it does become the root switch, the STP 'root port' will point towards it.
As @Infamus says, you might find it in the mac table with 'sh mac address-table'.
But the main point would be to implement BPDU protection on the edge ports. BPDU-guard can shut down the port, in which case you can find the user without network access pretty quick (if that's accceptable in the organization)...
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will step through configuring a SonicWALL appliance to utilize an internal DHCP server for Global VPN Client (GVC) hosts.  There are times when using an external (external to the SonicWALL) DHCP server, such as Windows Servers, isn’t pr…
Network ports are the threads that hold network communication together. They are an essential part of networking that can be easily ignore or misunderstood, my goals is to show those who don't have a strong network foundation how network ports opera…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question