[c-nsp] SNMP: IP => vlan + mac

Liviu Pislaru liviu.pislaru at rdsnet.ro
Fri Aug 27 04:22:27 EDT 2004


I don't want to use "grep" because i have more than 1000 arp entry per vlan.

On Friday 27 August 2004 02:59, Virgil wrote:
> > Is there a posibility to obtain via SNMP a mac-address
> > (0007.eb95.9b80) from arp table for IP address 10.5.16.7 ?
>
> This might be of use to you.  It's a dodgy shell script that's crying
> out to be converted to perl net-snmp.
> If anyone feels the urge, please send me a copy.
>
> #!/bin/bash
> # locates a switch port in the access layer from an IP address.
> # query starts at the core 6500
>
> READONLY=public
> SW=$1
> IPADDRESS=$2
>
>
> arpMeBaby() {
>         #MAC address of ${IPADDRESS}
>         snmpwalk -On -v2c -c${READONLY} ${1} atPhysAddress | grep "${2}
> =" | cut -d" " -f4-
> }
>
>
> getVlanif() {
>         snmpwalk -Onq -v2c -c${READONLY} ${1} ipNetToMediaPhysAddress |
> grep "${2} " | awk ' {split($1,vi,".1.3.6.1.2.1.4.22.1.2."); print
> vi[2]}'  | awk 'BEGIN { FS = "." } ; { print $1}'
> }
>
>
> getVlan() {
>         #IF-MIB::ifName.204 = STRING: Vl11
>         snmpwalk -On -v2c -c${READONLY} ${1} ifName.${2} | awk '{print
> $4}' | cut -c3-
> }
>
>
> macSuck() {
>         #For this VLAN, get the MAC address table (using community
> string indexing!) dot1dTpFdbAddress
>         snmpwalk -On -v2c -c${READONLY}@${Vlan} ${1}
> .1.3.6.1.2.1.17.4.3.1.1 | grep "${2}" | cut -d"." -f13-18 | cut -d" "
> -f1
> }
>
> whichPort() {
>         #Get the bridge port number, dot1dTpFdbPort
> (.1.3.6.1.2.1.17.4.3.1.2) for this MAC
>         snmpwalk -Onv -v2c -c${READONLY}@${2} ${1}
> .1.3.6.1.2.1.17.4.3.1.2.${3} | cut -d" " -f2
> }
>
> findifIndex() {
>         #For this VLAN, get the bridge port to ifIndex
> (1.3.6.1.2.1.2.2.1.1) mapping,
>         #dot1dBasePortIfIndex (.1.3.6.1.2.1.17.1.4.1.2):
>         snmpwalk -Ovn -v2c -c${READONLY}@${2} ${1}
> .1.3.6.1.2.1.17.1.4.1.2.${3} | cut -d" " -f2
> }
>
> portName() {
>         #Walk the ifName (.1.3.6.1.2.1.31.1.1.1.1) so that the ifIndex
> value
>         #can be correllated with a proper port name:
>         snmpwalk -Oqn -v2c -c${READONLY}@${2} ${1} ifName.${3} | cut -d"
> " -f2
> }
>
> portDesc() {
>         #Get the description (.1.3.6.1.2.1.31.1.1.1.18)
>         snmpwalk -Oqn -v2c -c${READONLY}@${2} ${1} ifAlias.${3} | cut
> -d" " -f2-
> }
>
> cdpNei() {
>         #Find the CDP neighbor (.1.3.6.1.4.1.9.9.23.1.2.1.1.6) for the
> next hop.
>         snmpwalk -Ovn -v2c -c${READONLY}@${2} ${1}
> 1.3.6.1.4.1.9.9.23.1.2.1.1.6.${3} | cut -f2 -d\"
> }
> cdpNeiPort() {
>         snmpwalk -Ovn -v2c -c${READONLY}@${2} ${1}
> 1.3.6.1.4.1.9.9.23.1.2.1.1.7.${3} | cut -f2 -d\"
> }
>
> target=${SW}
>
> VlanifIndex=`getVlanif ${target} ${IPADDRESS}`
> Vlan=`getVlan ${target} $VlanifIndex`
> Arp=`arpMeBaby ${target} ${IPADDRESS}`
> MAC=`macSuck ${target} "${Arp}"`
> PortNo=`whichPort ${target} ${Vlan} $MAC`
> ifIndex=`findifIndex ${target} ${Vlan} $PortNo`
> if=`portName ${target} ${Vlan} $ifIndex`
> ifDesc=`portDesc ${target} ${Vlan} $ifIndex`
> CdpNei=`cdpNei ${target} ${Vlan} $ifIndex`
> CdpNeiPort=`cdpNeiPort ${target} ${Vlan} $ifIndex`
>
> target=${CdpNei}
> AccessSwPortNo=`whichPort ${target} ${Vlan} $MAC`
> AccessSwifIndex=`findifIndex ${target} ${Vlan} $AccessSwPortNo`
> AccessSwif=`portName ${target} ${Vlan} $AccessSwifIndex`
> AccessSwifDesc=`portDesc ${target} ${Vlan} $AccessSwifIndex`
>
> #echo -ne "${IPADDRESS} is in Vlan ${Vlan}\n${SW} [${if}] -> ${CdpNei}
> [${CdpNeiPort}]\n${CdpNei} [$AccessSwif] -> ${AccessSwifDesc}\n"
>
> echo -ne "$target [$AccessSwif] -> ${AccessSwifDesc}\n"
>
> Regards,
>
> Virgil

-- 
Liviu Pislaru -- Tech Department
Romania Data Systems - NOC in Bucharest
Phone: +4-021-30.10.888  Fax: +4-021-30.10.892
--------------------------------------------------------
Privileged/Confidential Information may be contained in this message. If
you are not the addressee indicated in this message (or responsible for
delivery of the message to such person), you may not copy or deliver
this message to anyone. In such a case, you should destroy this message
and kindly notify the sender by reply e-mail.


More information about the cisco-nsp mailing list