Network topology mapper software can provide reports on switch ports, VLANs, subnets, and inventory.

Address regulatory compliance: Directly address PCI compliance, FIPS 140-2, and others that require maintenance of an up-to-date network diagram.
NOTE: This how-to is based on the premise that you have switches with ports that you don't know where they are going, no inter-VLAN routing, and do not have access (due to permission restrictions) to some of Spiceworks application features.

A while back I was trying to figure out how to map our network, switchports in particular, but could not gain access to the whole building to test from the wall jacks and/or nodes on our network. I could, however, access all the switches, but not our router, and routing is not enabled on our switches anyway, though they are layer 3 capable (pretty much a flat network).

I was unable to perform this task with Spiceworks due to settings our manager imposed, so I had to find a workaround to get the job done.

I used a combination of the command line (Windows 7) and telnet to access the main switches of our network to figure out what is on the end of each switchport. In doing so, knowing the location of system host names, I was able to more accurately map where each switchport went to without having to beg for authorization after hours to investigate this from each physical location. Also, if you have a network larger than 200 nodes, this will definitely help if you have to do it the way I did, even if you do have physical access, because the legwork alone may take days.

In your command window (you may need elevated privileges), install NMAP from NMAP.org if you don't already have it installed, and run the following command:

    nmap -v -sn 192.168.x.1-254

What this command will do is find the hosts in the IP range specified on your network, and give you the hostname (if it can find it), IP address, and MAC address.
To make it more useful, you can dump it to a text file thusly:

    nmap -v -sn 192.168.x.1-254 > nmapoutput.txt

Then you'll have a nice little document you can work from rather than having to scroll through your command prompt.

If any come up that do not display the hostname, you can try again using NetBIOS with the IP address you get from NMAP as follows:

    nbtstat -A 192.168.x.x

This will give you the hostname and MAC address, so you can compare them and modify your text document output for later.
Next, log in to your switches (preferably using telnet or ssh). I used the command:

    telnet 192.168.x.x

Then, select which switch to begin from. The main switch gives me a list of 0, 1, 2, 3 and from there I just select which one I want, based on where I'm looking.

Based on your output from NMAP, if you know the approximate location of the hostname, this may help determine which switch it is attached to. Keep in mind, these instructions are for networks that have little to no routing, pretty much all layer 2, flat network type. With routing, you may be able to obtain more information off your routers and/or switches (if MLS).
So once in the switch of choice, there were two commands to play with:

    show mac-address

and

    show mac-address ethernetX

where X = port number. We have HP switches currently, so for Cisco you would use:

    show mac-address fastethernet0/X

where X = port number.

^^^ CORRECTION: show mac address-table is the Cisco command! ^^^

If you use the interface-specific version of the command, you will get a list of MAC addresses learned through that port. With this, all you have to do is find one of the MAC addresses listed here in the text document from NMAP's output, and you'll know that switchport is going to that office (wherever that node is located).

You can then start building a spreadsheet or database with the switch name/location, port number, IP addresses, hostnames, and MAC addresses associated with that port (or you can just use whatever information you need to keep track of what is going where).

The quickest way to force the switch to learn a MAC address, if one seems to be absent from the show mac-address output, is to ping the IP address associated with the MAC address that is missing. After your ping, run the show mac-address command again and you should see the address come up.
If not, you may have a node that is turned off or something else may be wrong. If you have existing data about current locations, host names, and MAC addresses, you may sift through that as an additional reference, assuming it is up-to-date. This is normal, as other switches will learn and their CAM tables will add known MAC addresses as frames move through the network. What you need to be aware of is which port numbers link switches together. The interconnecting ports, often linked via fiber these days, will typically be higher numbered ports.

I hope this how-to finds its way into the browsing path of others who have run into this problem too. When you have hundreds of devices connected to a network, and poorly kept documentation on what is where and how it's connected, it is important to know how you can find what you're looking for without tearing your hair out too much.

Also, if you happen to be like I was a few years ago, being timid of the command line world, seeing some of the useful ways you can use it, like through this how-to and the many scripts our fellow spiceheads post, should help you become more comfortable with using the command line for more things. Not only is it typically faster than trying to load a GUI, you can redirect your output to a document for later use :)

NMAP does, however, offer a feature called Zenmap GUI, which is GUI-user friendly for those who still shy away from the command line.
It's sort of a command line GUI for the non-command line user.

Happy networking!
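The correlation step of this how-to, as an added example (not code from the original post): it normalizes the different MAC notations used by nmap and by switches, joins the two outputs per port, and flags ports carrying several MACs as likely inter-switch links. The sample text, the function names, the "MAC then port" column order and the uplink threshold are all assumptions to adjust for your own switch output.

```python
import re

# Constructed samples (not from the original post); "MAC then port" column order is assumed.
NMAP_OUT = """\
Nmap scan report for 192.168.1.5 [host down]
Nmap scan report for frontdesk-pc (192.168.1.20)
Host is up (0.0010s latency).
MAC Address: 00:1B:21:3C:4D:5E (Intel Corporate)
Nmap scan report for 192.168.1.31
Host is up (0.0020s latency).
MAC Address: 3C:D9:2B:0A:11:22 (Hewlett Packard)
"""
SWITCH_OUT = """\
 MAC Address   Port
 001b21-3c4d5e 3
 3cd92b-0a1122 24
 a0b1.c2d3.e4f5 24
"""

def norm_mac(text):
    """Reduce any MAC notation (aa:bb:.., aabbcc-ddeeff, aabb.ccdd.eeff) to 12 hex digits."""
    digits = re.sub(r"[^0-9a-fA-F]", "", text).lower()
    return digits if len(digits) == 12 else None

def parse_nmap(text):
    """Return {mac: (hostname_or_None, ip)} for every live host reported with a MAC."""
    hosts, current = {}, None
    for line in text.splitlines():
        m = re.match(r"Nmap scan report for (?:(\S+) \()?([\d.]+)\)?", line)
        if m:  # -v also lists down hosts; those never get a MAC line
            current = None if "[host down]" in line else (m.group(1), m.group(2))
        elif line.startswith("MAC Address:") and current:
            hosts[norm_mac(line.split()[2])] = current
    return hosts

def parse_switch(text):
    """Return {port: [mac, ...]} from rows whose first field is a MAC address."""
    ports = {}
    for fields in map(str.split, text.splitlines()):
        if len(fields) >= 2 and norm_mac(fields[0]):
            ports.setdefault(fields[1], []).append(norm_mac(fields[0]))
    return ports

def map_ports(nmap_text, switch_text, uplink_min=2):
    """Join both outputs on MAC; ports with >= uplink_min MACs are likely switch links."""
    hosts = parse_nmap(nmap_text)
    return {port: {"hosts": [hosts.get(m, ("unknown", m)) for m in macs],
                   "uplink": len(macs) >= uplink_min}
            for port, macs in parse_switch(switch_text).items()}
```

MACs that appear on a port but not in the scan come back as "unknown", which is the list to chase down with a ping or nbtstat as described above.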