通过 SNMP 获取第 3 层端口上的 MAC?
我正在编写一个脚本来映射连接到我们的交换机和路由器的服务器。我让它使用 http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a00801c9199.shtml 提取 MAC 地址。
第 3 层端口则是另一回事。这些端口不会显示在路由器/第 3 层交换机上的“sh vlan”命令中。理想情况下,我想使用这些端口中存在的 MAC 地址,作为第 3 层连接的基础,因为它比 IP 地址更“永久”——这些地址确实显示在设备上的 MAC 地址表中。然而,这些端口没有关联的 VLAN,并且通过 SNMP 进行的 MAC 检索是 VLAN 索引的,这一事实使其变得相当困难。
我已经为此苦苦挣扎了大约一周左右,但我尝试/发现的任何东西似乎都不允许我获取非 VLAN MAC 地址。是否可以通过这种方式映射三层端口,或者我需要使用三层(IP 地址)映射?
I'm working on a script to map servers that are connected into our switches and routers. I have it working to map layer two ports, using the algorithm listed at http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a00801c9199.shtml to pull out the MAC addresses.
Layer 3 ports are another matter. These are ports that don't show up in the 'sh vlan' command on a router/layer 3 switch. Ideally, I'd like to use the MAC addresses present in these ports, underlying the layer 3 connection, as that's a bit more 'permanent' than the IP address - these do show up in the MAC-address table on the device. However, the fact that these ports don't have an associated VLAN, and that the MAC retrieval via SNMP is VLAN-indexed, makes it quite difficult.
I've been banging my head against this for about a week or so, but nothing I try/find seems to allow me to get the non-VLAN MAC addresses. Is it possible to map the layer three ports this way, or will I need to use layer 3 (IP address) mapping?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
如果您通过第 2 层连接到设备,则只需在第 3 层地址上使用 ping 即可生成 arp 查找,然后在 mac 的 arp 缓存中查找...这适用于任何第 3 层端口,甚至逻辑端口,如 Portchannels 的第 3 层版本。
这可能是最简单的方法。
如果您想 100% 处于 SNMP 领域:
要获取该设备的接口表,请执行以下 oid。它会返回
该设备上所有接口的列表。这应该适用于运行 SNMP 代理的任何设备(甚至是服务器):
这将为您提供接口编号(OID 中的最后一位数字)和接口描述的列表。它适用于 SVI 和物理接口,不确定 SVI 以外的逻辑类型。
然后对于每个接口,获取它的 mac(其中 x 是接口表中的值):
这将为您提供 mac。 (在某些设备上,前导 0 可能会被截断。)
但是,每个设备上至少需要 1 个第 3 层地址才能执行 snmpwalk 和 get。
如果您只想要所有 mac,那么请执行此 oid:
我使用此方法在大型网络上执行类似的操作。
If you are connected via layer 2 to the device, you could just use a ping on the layer 3 address to generate an arp lookup and then look in the arp cache for the mac... This would work for any layer 3 port, even logical ports like the layer 3 version of Portchannels.
This is probably the easiest way.
If you want to be 100% in the realm of SNMP:
To get the interface table for that device, walk the below oid. It will return
the list of all interfaces on that device. This should work on any device (even a server) runnning a SNMP agent:
This will give you a list of interface numbers (last digit in OID), and the interface descriptions. It works for SVI and physical interfaces, not sure about logical types other than SVI.
Then for each interface, to get it's mac (where x is the value in the interface table):
This gives you the mac. (Leading 0's can be truncated on some devices.)
However, you will need atleast 1 layer 3 address on each device to do the snmpwalk and get.
If you just want all the macs, then walk this oid:
I use this approach to do something similar on a large network.