[c-nsp] MAC-to-IP script on IOS
Peter Rathlev
peter at rathlev.dk
Fri May 25 04:43:29 EDT 2012
On Fri, 2012-05-25 at 08:27 +0200, uvh at siemens.com wrote:
> Have anyone come across a script that could yield the IP address of a
> given mac-address when invoked on a Layer 3 Router?
Something like "show ip arp <MAC-address>" or "show ip arp vrf <name>
<MAC-address>"? That of course requires the address to already be
present in the ARP table. And you need to know the relevant VRF in
advance.
> I would assume that you would have to select the given interface (as
> it could be any interface) and the router should start arp-ing all
> hosts on a given subnet returning the result when finished executing
> the script?
If you haven't already got the host in the ARP table you need that yes.
You could use a TCL script to do that. Take a look at e.g.
http://cciepursuit.wordpress.com/2007/04/21/simple-tcl-script-ping-test/
The ping command would just be "ping <address> repeat 1 timeout 1" to
save time.
You would need to script what addresses to ping of course. That might be
more complex, but it's doable.
> Assumptions is that you know the logical subnet where the mac-address
> reside or maybe it could be invoked with a "all" interface command to
> run the script on all logical interfaces.
You can search the MAC address table to find out what VLAN(s) the
address is active in.
Searching for the IP address of an unknown MAC address is a problem
whose solutions scales very badly. Consider a device with some hundreds
of connected interfaces sized /28 through /24. That's a lot of addresses
to scan.
What about having a management station using "nmap -sP -PI" and then
walk IP-MIB::ipNetToMediaPhysAddress to find the address?
--
Peter
More information about the cisco-nsp
mailing list