Finding device at access switch

Leftz · ‎03-30-2023

Hello, we have a core L3 switch connected to 30 access switch L2. One device 10.10.10.10 is connected to the access switch with vlan 10. Now we have ip address and its mac for this device. we can find which access switch the device is connected to. but we need to logon to each access switch one by one. Is it possible to find the device quickly? Thanks

Flavio Miranda · ‎03-30-2023

Hi

What you can find quick is in which access switch the device is connected. If you have the mac address you just need to check which port the mac address comes from and you will know which switch is it.

On the core you do:

show mac address-table address (client mac address)

You will see something like:

Vlan Mac address Type Port (This port is the uplink between Core and Access switch)

But, if you want to know in which port of that access switch the device is connected, you need to access the access switch to figure this out.

DavidMcClain9266 · ‎03-30-2023

Start at the L-3 Switch. Run the show arp command with the IP 10.10.10.10. That will give you the MAC address of the device. Then at the L-3 switch use the command show mac-address address and copy and paste in the mac address you found from the show arp command. That will point you to the switch that the device is connected to. Log into the access layer switch, and use the show mac-address address and copy and paste in the mac address. This will show you the port the device is connected to.

Leftz · ‎04-03-2023

Thanks. but some of them cannot work, for example, In the L3 SW, show arp can show the device's mac address, and its port, but the command cannot show its mac address for some device, so that we cannot know its port connected to L2 sw. In other word, in L3 SW, show arp can show all ip address and mac, but show mac add cannot show all mac address shown by show arp,

balaji.bandi · ‎04-03-2023

Its all depends what device you have in the network, we have seen some medical device not show MAC address at all, and it pings as expected with IP address, that is odd we have observed,

So learning experience, we make description of the port with MAC address, so we can easily identify them

You should have system in place some time to grab all the MAC address and port information make it work out of box like Python to co-related.

As a network admin - responsible for all the device in the network and audit regular basis.

check what device that is not showing MAC address and identify make a fixed ports to plug in in the future use case.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

DavidMcClain9266 · ‎04-05-2023

Do you have vlan interfaces aka SVI's configured on the L3 switch? Are you connecting access layer (L2) switches to the L3 switch? If so, then yes you should most definitely be able to see what switch it the device is connected to. For Example
On the L3 switch:
Show arp 10.10.1.5 displays the mac address aabb.ccdd.eeff
On the L3 switch:
Show mac address-table address address aabb.ccdd.eeff should show the interface that the mac is received on
Show cdp neighbor will show the name of the switches connected. Look for the cdp entry corresponding to the interface displayed.

Leftz · ‎04-03-2023

Right, it also depends on the device status.

KJK99 · ‎04-03-2023

@Leftz If you know the IP address, try to ping the device from another subnet first. If it responds, its MAC address will be registered in the ARP and MAC address tables on the L3 switch.

Kris K

Leftz · ‎04-03-2023

Right, thanks

MHM Cisco World · ‎04-05-2023

https://github.com/pouriyajamshidi/CiscoMacFinder

This Q round and round in Cisco community' the answer is python script that use to detect mac address in network check link above.

Thanks

MHM