» » a Host Port by IP Address
Wednesday, May 22, 2013

9:29:00 PM

R1# traceroute 192.168.42.138

Type escape sequence to abort.
Tracing the route to 192.168.42.138

1 10.0.13.3 0 msec 0 msec 4 msec
  2 10.0.39.9 0 msec 4 msec 0 msec
  3 192.168.42.138 0 msec 4 msec  0 msec
This tells us that the host's default router is reachable at 10.0.39.9, so we telnet or SSH to that address and perform an ARP table lookup for the host's IP address.
R1# telnet 10.0.39.9
Trying 10.0.39.9 ... Open

User Access Verification

Username: admin
Password:

S1# show ip arp 192.168.42.138
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.168.42.138         13   0014.6a7c.c2b8  ARPA   Vlan42
This tells us the host's MAC address. To resolve this layer two address to a layer one "address" (i.e. port number), we need to query the MAC table:
S1# show mac address-table address 0014.6a7c.c2b8
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
  42    0014.6a7c.c2b8    DYNAMIC     Fa0/13
Now we know that the host is reachable via interface FastEthernet0/13. However, this may not necessarily be a direct connection. The configuration of this interface indicates that this port connects to another switch:
S1# show running-config interface f0/13
Building configuration...

Current configuration : 120 bytes
!
interface FastEthernet0/13
 description Trunk to S2
 switchport trunk encapsulation dot1q
 switchport mode trunk
end
The neighboring switch's management address is advertised via CDP:
S1# show cdp neighbors f0/13 detail
-------------------------
Device ID: S2
Entry address(es): 
  IP address: 10.0.99.10
Platform: Cisco WS-C3550-24,  Capabilities: Switch IGMP 
Interface: FastEthernet0/13,  Port ID (outgoing port): FastEthernet0/13
Holdtime : 148 sec

Version :
Cisco IOS Software, C3550 Software (C3550-IPSERVICESK9-M), Version 12.2(44)SE2, RELEASE SOFTWARE (fc2)
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Thu 01-May-08 16:14 by antonino

advertisement version: 2
Protocol Hello:  OUI=0x00000C, Protocol ID=0x0112; payload len=27, value=00000000FFFFFFFF010221FF000000000000000F345F1680FF0000
VTP Management Domain: 'NULL'
Native VLAN: 1
Duplex: full
Management address(es): 
  IP address: 10.0.99.10
Next, we telnet to the neighboring switch's IP address and repeat our MAC table lookup:
S1# telnet 10.0.99.10
Trying 10.0.99.10 ... Open

User Access Verification

Username: admin
Password:

S2# show mac address-table address 0014.6a7c.c2b8
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
  42    0014.6a7c.c2b8    DYNAMIC     Fa0/6
Total Mac Addresses for this criterion: 1
We can see that FastEthernet0/6 is an access port, which means it is most likely our host port:
S2# show running-config interface f0/6
Building configuration...

Current configuration : 84 bytes
!
interface FastEthernet0/6
 switchport access vlan 42
 switchport mode access
end
Posted by at 9:29:00 PM
Labels:

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)