[nsp] [OT] Layer 2 Trace
Ryan O'Connell
ryan at complicity.co.uk
Thu Jul 8 15:16:27 EDT 2004
I've removed NANOG from this reply as cross-posting isn't really
appropriate.
Vicky wrote:
> Just wondering if there's anyone who can recommend a layer 2 trace
> utility similar to "l2trace" on a cisco switch but one that runs on a
> linux box?
There isn't one, because there is no vendor-independent way of tracing
layer 2 connections in that way - l2trace uses Cisco-specific extensions
(Specifically, it's based on CDP and last time I looked only worked on
CatOS - not IOS - switches) that, AFAIK, aren't documented. Even if it
was documented, it's not worth writing something for Linux to do it as
you may as well run it direct from the switch if it's supported. (Using
clogin or similar if required)
You can achieve similar functionality though by querying the MAC address
table (CAM) on each switch in turn via SNMP/telnet. I believe there are
scripts out there that will do this, but it's fairly trivial to write a
script to do it and the exact implementation will probably depend on
your network architecture.
With most (But not necessarily all) well designed networks, a script
won't save you that much time unless you're tracing ports on a daily
basis anyway - you should never need to type "show mac-address-table
address ..." (Assuming they're IOS switches) on more than two (Or
perhaps three) switches to trace the source of a given MAC address.
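
The per-switch MAC table walk described in the reply above, as an added example that is not part of the original post. The switch names, the uplink map and the IOS-style table output are constructed sample data; `fetch` is a hypothetical stand-in for whatever SNMP or telnet collection a real network would use.

```python
import re

# Constructed sample: what "show mac-address-table address 0011.2233.4455"
# might return on each switch (IOS-style column layout is an assumption).
HEADER = (
    "Vlan    Mac Address       Type        Ports\n"
    "----    -----------       --------    -----\n"
)
SAMPLE_OUTPUT = {
    "core1": HEADER + "  10    0011.2233.4455    DYNAMIC     Gi1/0/24\n",
    "dist2": HEADER + "  10    0011.2233.4455    DYNAMIC     Gi0/2\n",
    "access7": HEADER + "  10    0011.2233.4455    DYNAMIC     Fa0/13\n",
}
# Hypothetical inter-switch links: (switch, port) -> neighbouring switch.
UPLINKS = {("core1", "Gi1/0/24"): "dist2", ("dist2", "Gi0/2"): "access7"}

ROW = re.compile(
    r"^\s*(\d+)\s+((?:[0-9a-f]{4}\.){2}[0-9a-f]{4})\s+(\S+)\s+(\S+)\s*$", re.I)

def normalize(mac):
    """Reduce any common MAC notation to 12 lowercase hex digits."""
    digits = re.sub(r"[^0-9a-fA-F]", "", mac).lower()
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits

def lookup_port(output, mac):
    """Return the port the MAC was learned on, or None if it is absent."""
    want = normalize(mac)
    for line in output.splitlines():
        m = ROW.match(line)
        if m and normalize(m.group(2)) == want:
            return m.group(4)
    return None

def trace(mac, start, fetch=SAMPLE_OUTPUT.get, uplinks=UPLINKS):
    """Follow the MAC switch by switch until it sits on a non-uplink port."""
    path, switch, seen = [], start, set()
    while switch not in seen:              # guard against a looped uplink map
        seen.add(switch)
        port = lookup_port(fetch(switch) or "", mac)
        if port is None:
            return path, None              # aged out or never learned here
        path.append((switch, port))
        if (switch, port) not in uplinks:
            return path, (switch, port)    # edge port: the host is attached here
        switch = uplinks[(switch, port)]
    return path, None
```

`trace("00:11:22:33:44:55", "core1")` returns the hop list and the edge port; a `None` edge means the entry was missing on some switch or the uplink map loops.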