11-15-2011 03:00 AM - edited 03-07-2019 03:24 AM
Hi,
Please help on the below issue.
I have a huge campus network with more than 100 switches ...
I have assigned a few IPs to servers statically; every day some people are using some of the IPs from the network and making network instability...
I am trying to find the user from the CiscoWorks user tracking option, but the fact is it's not able to find the user who is holding the IP for less than 12 hours, if I am not wrong.
Kindly help me how to trace the user who is using the IP for less time...
It's giving me more trouble on daily activities..
Regards
Suresh Chandra
Info networks
11-15-2011 03:04 AM
Hi Suresh,
Why don't you track the guy, like where he is connected physically on the network, by using that IP. Then you can get in touch with that guy and take necessary actions.
Use arp table.
sh ip arp xx.xx.xx.xx
sh mac-a add aaaa.bbbb.cccc
Please rate the helpful posts.
Regards,
Naidu.
11-15-2011 03:10 AM
Hi,
Thanks for the reply...
But how can I find the MAC address of the user to use the sh ip arp command..
Rgds
Chandra
11-15-2011 03:15 AM
Hi,
The "sh ip arp" command will provide that.
#sh ip arp 10.37.2.10
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.37.9.50 4 19a5.0662.d430 ARPA Vlan1
#sh mac-a add 18a9.0552.d430
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
1 19a5.0662.d430 DYNAMIC Gi2/6
Please rate the helpful posts.
Regards,
Naidu.
11-15-2011 03:27 AM
Hi,
I am using a Cisco 2950 switch. With sh ip arp x.x.x.x I am able to find only the VLAN and MAC address, but how can I find the user in 100 switches, where he is connected?
Rgds
Chandra
11-15-2011 03:42 AM
Hi,
I take it that you are using a router or inter-VLAN L3 switch in your network.
As you have assigned static IP addresses you must know what the default gateway IP addresses are.
Usually the default gateway will be the local router on the VLAN/subnet.
E.g.
You want to assign 192.168.100.100 to a device.
You know the mask is 255.255.255.0
The default gateway is 192.168.100.254
You ping 192.168.100.100 to test if someone is already using that address.
Yes, it responds to ping.
You need to log on to the router at 192.168.100.254
sh arp | incl 192.168.100.100
This will give the MAC
e.g. AAAA.BBBB.CCCC
You now need to use sh mac-address-table address AAAA.BBBB.CCCC
The output should give the port/interface.
It may be on an uplink port to another switch, so you need to hop there and repeat sh mac-address-table address AAAA.BBBB.CCCC
till you find the port with the offending device.
HTH
Alex
Please rate useful posts
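The hop-by-hop procedure Alex describes (resolve the IP to a MAC on the gateway, look the MAC up in each switch's forwarding table, follow uplink ports until the MAC sits on an edge port) is easy to get wrong by hand across 100 switches, so here is the same walk as a small Python script. This is an added example, not code from the thread or from Cisco: the "show ip arp" and "show mac address-table" captures, the hostnames core-l3 / dist-1 / access-7, the ports and the UPLINKS map are all constructed for the example. In practice the captures would come from each switch over SSH and the uplink map from CDP/LLDP or your own documentation. The script also flags the HSRPv1 virtual MAC (0000.0c07.acXX) so that a lookup answered by a gateway entry is not mistaken for a host.

```python
import re
from typing import Dict, List, Optional, Tuple

# Constructed sample output, modelled on the "show ip arp" and
# "show mac address-table address" formats quoted in the thread.
# Hostnames, ports and addresses are invented for this example.
ARP_OUTPUT = """\
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.168.100.100         4   aaaa.bbbb.cccc  ARPA   Vlan100
Internet  192.168.100.254         -   0000.0c07.ac64  ARPA   Vlan100
"""

# One "show mac address-table address aaaa.bbbb.cccc" capture per switch.
# Assumed topology for the example: core-l3 -> dist-1 -> access-7.
MAC_TABLES: Dict[str, str] = {
    "core-l3": """\
          Mac Address Table
-------------------------------------------
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 100    aaaa.bbbb.cccc    DYNAMIC     Gi1/1
""",
    "dist-1": """\
          Mac Address Table
-------------------------------------------
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 100    aaaa.bbbb.cccc    DYNAMIC     Gi0/3
""",
    "access-7": """\
          Mac Address Table
-------------------------------------------
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 100    aaaa.bbbb.cccc    DYNAMIC     Fa0/17
""",
}

# Inter-switch links per switch (assumed; normally taken from CDP/LLDP).
# A MAC learned on any port NOT listed here is on an edge port.
UPLINKS: Dict[str, Dict[str, str]] = {
    "core-l3": {"Gi1/1": "dist-1"},
    "dist-1": {"Gi0/24": "core-l3", "Gi0/3": "access-7"},
    "access-7": {"Gi0/24": "dist-1"},
}

HSRP_V1_PREFIX = "0000.0c07.ac"  # HSRPv1 virtual MACs are 0000.0c07.acXX

MAC_RE = r"([0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4})"


def resolve_mac(arp_output: str, ip: str) -> Optional[str]:
    """Return the hardware address for `ip` from 'show ip arp' output, or None."""
    pattern = re.compile(r"^Internet\s+" + re.escape(ip) + r"\s+\S+\s+" + MAC_RE,
                         re.IGNORECASE | re.MULTILINE)
    m = pattern.search(arp_output)
    return m.group(1).lower() if m else None


def find_port(mac_table_output: str, mac: str) -> Optional[Tuple[str, str]]:
    """Return (vlan, port) for `mac` from 'show mac address-table' output, or None."""
    pattern = re.compile(r"^\s*(\d+)\s+" + re.escape(mac) + r"\s+\S+\s+(\S+)\s*$",
                         re.IGNORECASE | re.MULTILINE)
    m = pattern.search(mac_table_output)
    return (m.group(1), m.group(2)) if m else None


def trace_mac(mac: str, start: str, mac_tables: Dict[str, str],
              uplinks: Dict[str, Dict[str, str]], max_hops: int = 16) -> List[Tuple[str, str]]:
    """Repeat the MAC-table lookup switch by switch, following uplink ports,
    until the MAC is seen on a non-uplink (edge) port. Returns the path walked."""
    path: List[Tuple[str, str]] = []
    visited = set()
    switch = start
    for _ in range(max_hops):
        if switch in visited:
            raise RuntimeError(f"forwarding loop in trace at {switch}: {path}")
        visited.add(switch)
        entry = find_port(mac_tables.get(switch, ""), mac)
        if entry is None:
            raise LookupError(f"{mac} is not in the forwarding table of {switch}")
        _vlan, port = entry
        path.append((switch, port))
        next_switch = uplinks.get(switch, {}).get(port)
        if next_switch is None:
            return path  # edge port: the device is plugged in here
        switch = next_switch
    raise RuntimeError(f"gave up after {max_hops} hops: {path}")


def locate_ip(ip: str, arp_output: str, start: str, mac_tables: Dict[str, str],
              uplinks: Dict[str, Dict[str, str]]) -> Tuple[str, List[Tuple[str, str]]]:
    """ARP lookup on the gateway, then the MAC trace. Rejects gateway/HSRP entries."""
    mac = resolve_mac(arp_output, ip)
    if mac is None:
        raise LookupError(f"no ARP entry for {ip}; query the VLAN's L3 gateway, not an L2 switch")
    if mac.startswith(HSRP_V1_PREFIX):
        raise ValueError(f"{ip} resolves to HSRP virtual MAC {mac}: a gateway address, not a host")
    return mac, trace_mac(mac, start, mac_tables, uplinks)


if __name__ == "__main__":
    mac, path = locate_ip("192.168.100.100", ARP_OUTPUT, "core-l3", MAC_TABLES, UPLINKS)
    print(mac, "->", " -> ".join(f"{sw}:{port}" for sw, port in path))
```

Run it as-is and it reports aaaa.bbbb.cccc ending on access-7 port Fa0/17; substitute real captures and a real uplink map to trace a live address. The loop and hop-count guards matter on a large campus: a stale or flapping entry can otherwise send a naive script round in circles.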
11-15-2011 03:58 AM
Hi,
it's more comfortable to use
trace mac
or
trace mac ip
command on the current Cisco switches.
Read this
for details.
HTH,
Milan
11-15-2011 04:19 AM
Hi,
I would suggest you trace with the specific MAC address only.
You need to login to each switch and give the command "sh mac-a add aaaa.bbbb.cccc"
In this way you can easily find out the physical connectivity of that IP.
Please rate the helpful posts.
Regards,
Naidu.
11-15-2011 04:26 AM
Hi,
When I am using sh ip arp the output is showing as below, it's the HSRP virtual MAC ID
Switch#sh ip arp 192.168.10.10
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.2.2.60 13 0000.0c07.ac01 ARPA Vlan1
Output of trace mac is as below
C-203-2950#trace mac ip 172.16.255.211 192.168.10.10
Invalid destination IP address 192.168.10.10.
Layer2 trace aborted.
Please help me
Regards
Suresh Chandra
11-15-2011 04:57 AM
Hi,
as your switch does not know the MAC address assigned to IP address 192.168.10.10, this trace command syntax fails.
Try to use the "trace mac any_known_mac_address mac_address_you_are_investigating"
command syntax.
Both MAC addresses have to be in the same VLAN and your switches need to fulfil the prerequisites specified in the link I sent you.
HTH,
Milan
11-15-2011 11:49 AM
Firstly, your switch and/or server IPs and users really should be on different VLANs, to help mitigate something like this.
That said, one thing we've done to prevent something similar was to set up PACLs on the switches' access ports.
We created the PACL to block any traffic coming from, say, the reserved range of IPs for the switches / network devices on the ports connected to user or end devices, while leaving it off of the trunk / uplinks.
Example:
Your server IPs are 10.1.1.2 - 25
Make an ACL that blocks all incoming traffic for those IPs and apply it to the access ports of the switch, minus the ones the servers actually connect to.
Now, when your user sets his static IP to one of your server IPs it goes nowhere.
Sent from Cisco Technical Support iPad App
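The port ACL described in the post above, written out as an IOS configuration fragment. This is an added example, not configuration from the thread; it assumes the 10.1.1.2 - 10.1.1.25 server range given in the post, an access-switch port range of Fa0/1 - 16 for user ports, and a platform that supports port ACLs (which are inbound-only on Layer 2 interfaces). The five wildcard pairs cover exactly .2 through .25 and nothing else.

```cisco
! Added example. Drops IP packets whose SOURCE address claims to be a
! reserved server address, on user-facing access ports only.
ip access-list extended DENY-SPOOFED-SERVER-IPS
 remark 10.1.1.2-10.1.1.25 are servers; nothing on a user port may use them
 deny   ip 10.1.1.2  0.0.0.1 any
 deny   ip 10.1.1.4  0.0.0.3 any
 deny   ip 10.1.1.8  0.0.0.7 any
 deny   ip 10.1.1.16 0.0.0.7 any
 deny   ip 10.1.1.24 0.0.0.1 any
 permit ip any any
!
! Apply inbound on every user port (assumed Fa0/1 - 16 here). Do NOT apply it
! to trunks/uplinks or to the ports the real servers connect to.
interface range FastEthernet0/1 - 16
 switchport mode access
 ip access-group DENY-SPOOFED-SERVER-IPS in
```

Verify with `show ip access-lists DENY-SPOOFED-SERVER-IPS` after a test host on a user port is given one of the reserved addresses: the deny counters should increment and the host should reach nothing. Note that an IP ACL matches IP packets only, so it does not stop the offending host's ARP replies; the duplicate may still show up in the gateway's ARP table, which is also how the hop-by-hop trace earlier in the thread still finds it.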
11-15-2011 09:03 PM
Hi,
When I trace with source and destination MAC IDs within the same VLAN I got the below output,
xxxxxx#trace mac 00-90-F5-B2-C9-AB 00-19-bb-2b-ee-b4
Error: Destination Mac address not found.
Layer2 trace aborted.
Rgds
Suresh
11-16-2011 12:16 AM
Hi,
are you able to see the destination MAC in the switch forwarding table by the
sh mac-address-table address 00-19-bb-2b-ee-b4
command?
If not, you can't trace it.
If yes, the trace command fails for some reason and you need to trace the MAC address manually, connecting to each switch on the path.
HTH,
Milan