First, I'd like to say that all of the advice in this thread is solid.
Now, with that said, read on for a way to do this without logging into
devices yourself.
On Tue, Aug 26, 2014 at 1:26 PM, Jed Laundry <jlaundry at jlaundry.com>
Just to throw it out there, I created the attached op script a while ago to
do this in a small office environment. It does require having a family inet
address on the switch (so don't forget your firewall filters to prevent
cross-vlan contamination!)
?Hi, Jed. Looks like the mailing list ate your attachment.?
Next on my todo list was for it to run through a list of switches running
the get-ethernet-switching-table-information remotely, so that it could be
used on a larger LAN without inet addressing each switch. And inet6, of
course.
?The thread in general (and this part specifically) inspired me to spend 15
minutes writing a script to do (pretty much) this.? You need to know the
gateway device, and all devices in question must be Juniper. Assuming
that's the case, you also need py-junos-eznc. You'll need to do everything
necessary to run py-junos-eznc, too--that means having NETCONF over SSH
configured on your devices.
You can grab the script from
https://gist.github.com/supertylerc/3b11111a219b0a49a56c and run it from
any Linux-based host with py-junos-eznc. Might work with Windows and/or OS
X, but Linux is where I've tested it.
Edit 40, 41, and 44 to suit your environment, chmod the script (chmod 700
/path/to/find_server), then just run the script (/path/to/find_server).
I figured this would be a halfway decent, somewhat easy-to-understand
script that anyone could use easily. Here's an example:
??tyler at deathstar in ~ using ?ruby-2.1.1? 14-08-26 - 20:50:30
??? ./find_mac
{'ip_address': '192.168.1.1',
'mac_address': 'ab:cd:ef:12:34:56',
'switches': [{'sw01.example.com': [{'interface': 'xe-2/1/0.0',
'vlan': 'internal'}]},
{'sw02.example.com': [{'interface': 'ge-2/0/14.0',
'vlan': 'internal'}]},
{'sw03.example.com': [{'interface': 'xe-1/0/22.0',
'vlan': 'internal'}]}]}
It runs through 4 devices. The switches are done in "parallel" after the
gateway is done. There's a minor "issue" in that if the gateway is also
one of the switches, you'll end up connecting to it twice. Not a big deal
to me, but just for clarity. Also, obviously this shows you the switches
that are upstream, so you might get some "fluff." I happen to know that
our 10G interfaces are (mostly) trunk ports only, so I can ignore them. It
could be extended to get interface descriptions too.
It's not tested with IPv6 or routing instances, though either would
probably be trivial to add and test.
?
?Oh, one last thing: the script assumes SSH keys are the login method. If
not, you'll _probably_ want to add a password (see the py-junos-eznc docs)
prompt instead of hard-coding the password.?
If you're having any issues or have questions, please feel free to reach
out to me individually (avoid spamming list).
Thanks!
--tc
Thanks,
Jed.
Post by Per GranathThis might be interesting: http://youtu.be/Le9S2rj_qXI
(starting
Post by Per Granathfrom 19m and 46s into the video).
-----Original Message-----
From: juniper-nsp [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf
Of Evangelos Kanarelis
Sent: Tuesday, August 26, 2014 3:43 PM
To: juniper-nsp at puck.nether.net
Subject: Re: [j-nsp] juniper switch ex2200 how to find port from ip address?
This has now been resolved.
Managed to get access to the core switch and used the arp table.
Thank you all for your help :-)
Angelo Kanarelis
Infrastructure Support Engineer
T: +44 (0) 207 421 2575 M: +44(0) 779 5613721 2nd Floor, Nexus Place,
25
Post by Per GranathFarringdon Street, London, EC4A4AB
-----Original Message-----
From: juniper-nsp [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf
Of Phil Mayers
Sent: 26 August 2014 13:06
To: juniper-nsp at puck.nether.net
Subject: Re: [j-nsp] juniper switch ex2200 how to find port from ip address?
Post by Evangelos KanarelisHello everybody
I am relatively new to networking and I am currently managing a few
EX2200 switches.
I need to find to which port a machine is connected to, but all I have
is an IP Address. I know that I can use show ethernet-switching table
brief but unfortunately I do not have the MAC address.
Any help would be greatly appreciated.
When you have time, consider looking into running something like Netdisco
against your switches and routers.
Without a MAC, it's not straightforward.
It's not really difficult either, but if you're new to networking all the
suggestions I can think of (put an IP address on the ports vlan, ping the
host, look in the ARP table; put a logging firewall filter in, look for
matches; enable DHCP/ARP snooping) carry a risk of breaking things.
It would be a lot easier if you could find the MAC address from the
router. Can you really not do that?
Or if you can get to the host, just unplug then re-attach the host, then
look in the switch logs for which port just came up.
If not, the "safest" thing is probably to modify the switch to have an IP
address on the port VLAN and ping the host, then find the MAC from the
ARP
Post by Per Granath== Add the IP to the vlan ==
configure
set vlan <name> l3-interface vlan.<tag>
set interfaces vlan unit <tag> family inet address <ip/mask> commit
== Find the IP/MAC/port ==
run ping <ip> count 1
run show arp no-resolve hostname <ip>
run show ethernet-switching table | match <MAC from the ARP output>
== Undo adding the IP
rollback 1
commit
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp