6500 SNMP MAC to IP 1

[marshyrob]

Hello

Ive been tasked with trying to audit our 6500 switch for what is plugged in and where. I used SNMP to find the MAC to IP on a Nortel passport 8600, but i cant find the relevant info for the 6500.

We are running IOS not CatOS!

Anyone know of a good place to start looking, tried Cisco but not really finding anything!?

Cheers

Rob

 

[lerdalt]

Do you know anything about perl? If so, check out this script:

http://oss.oetiker.ch/mrtg/pub/contrib/cammer

On the line:
if ($sysdesc =~ /2900|3500/){

just add in the 65xx number that comes up when you do and snmpget for the sysDescr.0

I've converted this script over to have a web interface. If I had a good way of getting it to you, I would.

 

[marshyrob]

Thanks Lerdalt, but i know nothing about Perl, ive used VBscript before but not Pear!

Thanks anyway!

Anyone else have any info?

 

[chipk]

Well, a rather manual way to do it would be to do a "show arp" and a "show mac-address". Get the resulting output into a spreadsheet, cross reference the macs in each sheet with a =match() formula, and then you would have the physical and vlan interfaces that each Mac address and IP connect to.

I'm with lerdalt though with using Perl. I use it all the time (net-telnet-cisco is what I typically use) and have been able to develop a lot of little scripts to automate many processes on my network that would otherwise cost big bucks to do with commercial software. It is worth learning.

 

[lerdalt]

With that script, you really don't have to know much about perl either. If you have a linux box, its probably already installed and working. Might have to add a couple of modules, but that's not too complicated either. Otherwise you can get ActiveStatePerl for windows and run it from a command line.

Since it sounds like you've done some work with snmp already, if you do a walk on 1.3.6.1.2.1.4.22.1.2 you will get the ip to mac mappings.

and I believe running an snmptable on 'if' you can get the mac address that is connected to a port.

I don't want to push you into perl too much, but the net-telnet-cisco module has saved my butt many times to just query information from all of my cisco devices. Its kind of sad, we have Ciscoworks, but I can modify some of the scripts I've already written to pull some of the information faster than I can get it out of Ciscoworks.

 

[marshyrob]

Hi lerdalt

I have managed to install Active Pearl (PPM) and installed the net-telent-cisco rep. Im not too sure what to do next? I have it installed on a win XP as i dont have linux.

i can see that the package is there, but how do i run scripts etc? Not familiar with Pearl at all!!

Can you help?

Thanks

Rob

 

[chipk]

Perl scripts are mostly run from the command line, or through a web interface, but you can also create GUIs. Usually, you download a script from a trusted source, or write one yourself, and run it like so:

c:\perl.exe script.pl

The script on the page lerdalt posted does not use net-telnet-cisco, but it does use several other packages (if you plan to use that script) - look at the beginning of the script, and you will see a portion where it says:

"use FindBin;"
etc.

The names after "use" are all packages that you will need to make sure are installed through PPM. I'm not sure if all of these are installed by default (I'm pretty sure they're not, maybe lerdalt could confirm).

Anyway, if you plan to start using Perl seriously, you'll want to familiarize yourself with the basics by reading some tutorials and the documentation that gets installed with Perl.

 

[marshyrob]

Hi Chipk

Thanks for the info, ive installed and configured the Net-Telnet-Cisco rep but i dont have a clue what to do now!?

Im interested in the script that lerdalt put up but im struggling to find all the packages, i just want to see what this net-telent-does but i dont have aclue how to get it going, ive checked the version of Active perl i have a and it says that net-telnet-cisco is there!?

Rob

 

[chipk]

Ok, well here's a sample program that I wrote to change the DST 2007 stuff on all our Cisco devices. It was kind of quick and dirty, but it works, and is short enough that you will catch on to what it does right away. So basically, you have this code in a .pl file:

use Getopt::Long;
GetOptions(
     "host=s"     =>     \$host,
);
  use Net::Telnet::Cisco;
	 $pass='loginpw';
	 $enable='enablepw';
  my $session = Net::Telnet::Cisco->new(Host => $host);
$session->login('login', $pass); 
$session->enable($enable);
$session->cmd("configure terminal");
$session->cmd("clock summer-time EDT recurring 2 Sun Mar 2:00 1 Sun Nov 2:00\n");
$session->cmd("end");
my @clock = $session->cmd("show clock\n");
$session->cmd("wr mem\n");
print "@clock\n";
exit;

getopt-long allows you to specify command line options. In this case, I just put the passwords in the actual script, but specified the host I want to run the script against with a -h [hostname] command line option. Like so:

perl.exe tzchange.pl -h switchname

So, what this does is logs into the switch specified by the -h command line option, runs a couple commands:

$session->login('login', $pass); 
$session->enable($enable);
$session->cmd("configure terminal");
$session->cmd("clock summer-time EDT recurring 2 Sun Mar 2:00 1 Sun Nov 2:00\n");

Checks to make sure the time updated, prints the results, and even writes memory (probably a little dangerous without some error checking):

my @clock = $session->cmd("show clock\n");
$session->cmd("wr mem\n");

And then the script completes. If you wanted to just get a printout of mac-addresses, you would just basically change the commands to perform a "show mac-address-table" (you could also remove the "enable" portion and the "wr mem"), but basically, once you get one script that logs in and successfully executes some commands, there's no limit as to how you can tweak that to do different stuff. You want to check your env, just change the commands to say:

show env all

You can print the output to a file and have it e-mail you. Like I said, the possibilities are basically endless.

 

[marshyrob]

Great! Thanks chipk!!

One more question then i will stop pestering you!!

Where do i get the packages from for lerdalt's script? Not sure where to look?

Doesnt look like he has a login part in his script either? Can i copy and paste your login part in?

Thanks your top man!

 

[chipk]

No, that script uses snmp and socket to log into any device. It's not cisco specific, whereas net-telnet-cisco is.

If you go to your Perl 5.8.8 group in your Start Menu/Programs, you should see something called PPM (Perl Package Manager). This is where you install Perl packages from (assuming you're using ActiveState).

you may need to add an environment variable on your XP machine if you use a proxy server, like so:

set HTTP_proxy=

http://proxy.com:80

The proxy server name and port will have to match whatever configuration you have on your network.

 

[marshyrob]

dont use a proxy, so thats fine!

Ive been into PPM and when i run the script it says it cant find SNMP_session?

Where do i get these packages from , looks like ive found a place but they are all .tzg or .tar files

Do i extract them and then use PPM to "rep set" them?

 

[chipk]

Sounds like you're using an older version of Perl. Is your PPM a command line or GUI? If command line, you just do:

search *

and then you install a package by using the package name, like so:

install net-telnet-cisco (for example).

It will install any dependencies automatically.

 

[marshyrob]

Thanks Chipk

its command line PPM. Im sure ill fudge my way through it, did a search and there was loads, when i downloaded the net-telnet-cisco it used a URL, not sure where the URL is for all the stuff in lerdalt's script?

Anyways, worthy of a star me thinks for all you time and effort! Much appreciated!

Rob

 

[chipk]

Well, the PPM lists packages in alphabetical order, so let's say you're looking for something to do with SNMP, just scroll through till you get to the S's (but there are also some under net-snmp). I think you can do wildcard searches on words, so if you did something like:

search *snmp*

I think that would list all packages with snmp in the name. In any case, if I remember correctly, you can type help or ? to get the command syntax.

With ActiveState, you want to add packages through PPM. Other versions, you download packages from the web and use whatever tool they have for adding packages.

 

[lerdalt]

wow..I missed a lot. For those modules, all I have is the following files in the same directory as the cammer.pl script:
BER.pm
SNMP_Session.pm
SNMP_util.pm

I tried finding a quick link to them on the internet, but was not able to come up with anything fast.

At the command line the syntax will be something like this:
perl cammer1.pl public@"Switch_IP" public@"router_IP"

substitute public with your read string and the "switch_ip" and "router_IP" with the ip addresses minus quotes.

 

[chipk]

snmp-util should be in ppm. I haven't seen those others.

 

[marshyrob]

Hi lerdalt

Thanks for all the info (and to chipk too!)

When run the script it keeps saying no response when it tries to query the VLANS with the community string "community@vlan"

The other issue is that we use IOS on the 6500 and your script asks for switch and router strings, ive used the same for both and it get this far before bombin out:

C:\Perl\bin>perl 6513.pl *******@172.2*.*.* ******@172.2*.*.*
* Gather VLAN index Table from Switch ARRAY(0x2**1c8)
* Gather Interface Name Table from Switch ARRAY(0x1***8)
* Gather Arp Table from Router ARRAY(0x1***4)
* Gather Mac 2 Port and Port 2 Interface table for all VLANS comunity@vlan ARRAY
(0x1***0), ARRAY(0x1***7c)
SNMP Error:
no response received
SNMPv2c_Session (remote host: "172.2*.*.*" [172.2.*.*].161)
community: "*******@70"
request ID: 257433081
PDU bufsize: 8000 bytes
timeout: 2s
retries: 5
backoff: 1)
at 6513.pl line 143
Terminating on signal SIGINT(2)

Any ideas? The community string is correct (but ive blanked it out here!)

Thanks in advance!

Rob

 

[lerdalt]

If you are doing Layer3 at the 6500, just put it's ip address in for both.

 

[marshyrob]

yeah did that and still the same issue!

Some of the OID's dont work so im just investigating with ones i know work!