IT貓撲網:您身邊最放心的安全下載站! 最新更新|軟件分類|軟件專題|手機版|論壇轉貼|軟件發(fā)布

您當前所在位置: 首頁系統(tǒng)集成網絡管理 → 根據IP地址查交換機端口

根據IP地址查交換機端口

時間:2015-06-28 00:00:00 來源:IT貓撲網 作者:網管聯(lián)盟 我要評論(0)

  在一個Cisco 交換網絡中間,已知某臺機器的IP地址,如何找出它連接到了哪臺交換機的哪個端口上呢?最方便快捷的方法使使用CiscoWorks 2000 LMS網管軟件的User tracking 功能,圖形化界面,一目了然。

  如果沒有這個軟件,也可以使用以下手工分析方法來找出答案:

  示例網絡:核心交換機為6509(交換引擎SE用CatOS, MSFC運行IOS軟件)

  1. 找出該IP所對應的MAC地址:

  通過查看系統(tǒng)的ARP緩存表可以找出某IP所對應的MAC地址。由于ARP不能跨VLAN進行,所以連接各個VLAN的路由模塊MSFC就是最佳的選擇--一般它在每一個VLAN都有一個端口(interface vlan n),能正確地進行ARP解釋。

  6509MSFC#ping 10.10.1.65

  Type escape sequence to abort.

  Sending 5, 100-byte ICMP Echos to 10.10.1.65, timeout is 2 seconds:

  !!!!!

  Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms

  6509MSFC#show arp | in 10.10.1.65

  Internet 10.10.1.65 2 0006.2973.121d ARPA Vlan2

  通過以上命令,我們知道10.10.1.65的MAC地址是0006.2973.121d, 這是IOS設備的MAC地址表達方式,在CatOS中,應寫為00-06-29-73-12-1d.

  2.在交換機上找出MAC地址所對應的端口

  6509SE> (enable) show cam 00-06-29-73-12-1d

  * = Static Entry. + = Permanent Entry. # = System Entry. R = Router Entry.

  X = Port Security Entry $ = Dot1x Security Entry

  VLAN Dest MAC/Route Des [CoS] Destination Ports or VCs / [Protocol Type]

  2 00-06-29-73-12-1d 9/41 [ALL]

  Total Matching CAM Entries Displayed =1

  這是不是說IP為 10.10.1.65的機器就接在端口9/41上呢?

  不一定。如果以下命令中顯示該端口上只有一個活動的MAC地址,那么答案就是肯定的:

  6509SE> (enable) show cam dynamic 9/41

  * = Static Entry. + = Permanent Entry. # = System Entry. R = Router Entry.

  X = Port Security Entry $ = Dot1x Security Entry

  VLAN Dest MAC/Route Des [CoS] Destination Ports or VCs / [Protocol Type]

  2 00-06-29-73-12-1d 9/41 [ALL]

  Total Matching CAM Entries Displayed =1

  如果該命令顯示該端口上有多個活動的MAC地址,那么這個端口應該連接到別的交換機或HUB設備上,見下面的例子(查找IP為10.10.1.250所對應的交換機端口):

  6509MSFC#ping 10.10.1.250

  Type escape sequence to abort.

  Sending 5, 100-byte ICMP Echos to 10.10.1.250, timeout is 2 seconds:

  !!!!!

  Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms

  6509MSFC#show arp | in 10.10.1.250

  Internet 10.10.1.250 4 0009.6b8c.64ec ARPA Vlan2

  6509SE> (enable) show cam 00-09-6b-8c-64-ec

  * = Static Entry. + = Permanent Entry. # = System Entry. R = Router Entry.

  X = Port Security Entry $ = Dot1x Security Entry

  VLAN Dest MAC/Route Des [CoS] Destination Ports or VCs / [Protocol Type]

  ---- ------------------ ----- -------------------------------------------

  2 00-09-6b-8c-64-ec 3/11 [ALL]

  Total Matching CAM Entries Displayed =1

  6509SE> (enable) show cam dy 3/11

  * = Static Entry. + = Permanent Entry. # = System Entry. R = Router Entry.

  X = Port Security Entry $ = Dot1x Security Entry

  VLAN Dest MAC/Route Des [CoS] Destination Ports or VCs / [Protocol Type]

  1 00-03-e3-4b-06-80 3/11 [ALL]

  1 00-08-02-e6-b0-cd 3/11 [ALL]

  1 00-02-a5-ee-f2-4f 3/11 [ALL]

  1 00-09-6b-8c-66-d6 3/11 [ALL]

  1 00-09-6b-63-17-d9 3/11 [ALL]

  1 00-0b-cd-03-ec-f5 3/11 [ALL]

  1 00-09-6b-63-17-d8 3/11 [ALL]

  1 00-08-02-e6-b0-c1 3/11 [ALL]

  1 00-08-02-e6-b0-85 3/11 [ALL]

  1 00-08-02-e6-b0-81 3/11 [ALL]

  1 00-02-a5-ef-16-af 3/11 [ALL]

  1 00-02-a5-ee-f2-93 3/11 [ALL]

  1 00-02-55-c6-05-61 3/11 [ALL]

  2 00-09-6b-8c-64-ec 3/11 [ALL]

  1 00-08-02-e6-b0-ed 3/11 [ALL]

  1 00-08-02-e6-b0-a9 3/11 [ALL]

  1 00-02-55-54-7a-e0 3/11 [ALL]

  1 00-02-a5-ef-15-a6 3/11 [ALL]

  1 00-08-02-e6-af-8f 3/11 [ALL]

  1 00-08-02-e6-b0-bd 3/11 [ALL]

  1 00-0b-cd-03-db-8b 3/11 [ALL]

  1 00-09-6b-8c-25-50 3/11 [ALL]

  Do you wish to continue y/n [n]? n

  由于該端口連接到另一臺交換機或HUB,必須繼續(xù)追查,方法如下:

  6509SE> (enable) show cdp nei 3/11

  * - indicates vlan mismatch.

  # - indicates duplex mismatch.

  Port Device-ID Port-ID Platform

  3/11 Cisco2924 GigabitEthernet1/1 cisco WS-C2924M-XL

  該命令顯示對端設備是一臺Cisco2924,如果沒有顯示,那么說明連接的是別的廠家的設備,可能要到該交換機上用類似的辦法繼續(xù)追查。本例子中是Cisco 設備,所有我們可以繼續(xù):

  6509SE> (enable) show cdp nei 3/11 de

  Port (Our Port): 3/11

  Device-ID: Cisco2924

  Device Addresses:

  IP Address: 10.10.0.60

  Holdtime: 153 sec

  Capabilities: TRANSPARENT_BRIDGE SWITCH

  Version:

  Cisco Internetwork Operating System Software

  IOS (tm) C2900XL Software (C2900XL-C3H2S-M), Version 12.0(5.2)XU,

  MAINTENANCE INTERIM SOFTWARE

  Copyright (c) 1986-2000 by cisco Systems, Inc.

  Compiled Mon 17-Jul-00 17:35 by ayounes

  Platform: cisco WS-C2924M-XL

  Port-ID (Port on Neighbors's Device): GigabitEthernet1/1

  VTP Management Domain: lan

  Native VLAN: 1

  Duplex: full

  System Name: unknown

  System Object ID: unknown

  Management Addresses: unknown

  Physical Location: unknown

  Cisco2924#show mac-address-table dynamic address 0009.6b8c.64ec

  Non-static Address Table:

  Destination Address Address Type VLAN Destination Port

  ------------------- ------------ ---- --------------------

  0009.6b8c.64ec Dynamic 2 FastEthernet0/2

  Cisco2924#show mac-address-table dynamic interface f0/2

  Non-static Address Table:

  Destination Address Address Type VLAN Destination Port

  ------------------- ------------ ---- --------------------

  0009.6b8c.64ec Dynamic 2 FastEthernet0/2

  通過以上命令可知,MAC地址0009.6b8c.64ec 與Cisco 2924交換機相連,且是該端口上唯一活動的MAC地址,所以IP為10.10.1.250的機器應該就連接在這個端口上。

關鍵詞標簽:交換機端口

相關閱讀

文章評論
發(fā)表評論

熱門文章 路由器地址大全-各品牌路由設置地址 路由器地址大全-各品牌路由設置地址 各品牌的ADSL與路由器出廠默認IP、帳號、密碼 各品牌的ADSL與路由器出廠默認IP、帳號、密碼 Nslookup命令詳解-域名DNS診斷 Nslookup命令詳解-域名DNS診斷 站長裝備:十大網站管理員服務器工具軟件 站長裝備:十大網站管理員服務器工具軟件

相關下載

    人氣排行 各品牌的ADSL與路由器出廠默認IP、帳號、密碼 路由器地址大全-各品牌路由設置地址 騰達路由器怎么設置?騰達路由器設置教程 ADSL雙線負載均衡設置詳細圖文教程 路由表說明(詳解route print) Nslookup命令詳解-域名DNS診斷 網管員實際工作的一天 網管必會!了解交換機控制端口流量