A core switch maintains an ARP table that maps a devices MAC address to its IP Address. You can easily display this table by entering "show ip arp" but it isn't sorted and on a large network will contain thousands of entries.
I wrote a simple python 3 script (ARP-Sort) that takes the output, cleans it up and then displays it in four sections:
IP address only
IP address and MAC address
IP address, MAC address and VLAN ID
IP address, MAC address and manufacturer.
Here is a snippet of the output:
Number of IP Addresses: 839 10.10.246.52 10.10.246.53 10.10.246.54
Number of IP and MAC Addresses: 839 10.10.246.52 2c31.2451.7fc1 10.10.246.53 286f.7f68.4c80 10.10.246.54 286f.7f68.5400
Number IP, MAC and VLAN: 839 10.10.246.52 2c31.2451.7fc1 246 10.10.246.53 286f.7f68.4c80 246 10.10.246.54 286f.7f68.5400 246
Number IP, MAC and Manufacture: 839 10.10.246.52 2c31.2451.7fc1 Vendor(manuf='Cisco', comment=None) 10.10.246.53 286f.7f68.4c80 Vendor(manuf='Cisco', comment=None) 10.10.246.54 286f.7f68.5400 Vendor(manuf='Cisco', comment=None)
One issue is that the ARP table will delete devices that haven't communicated for a while. You can try to ping the broadcast mask - ping 10.10.246.255 - but a lot of devices don't respond to a broadcast ping. I wrote a script that takes the output from "sh run | i ^interface|^_ip address" and parses subnets and pings all host. I have had good luck with this script refreshing the switch's arp table. The script is available here https://github.com/rikosintie/pingSVI
I use the output for several things. If I'm replacing a core switch I will save the output before the change then run it after the change. Since the output is sorted it's easy to use a file diff tool so see any differences. I use Meld (Meld File compare) on Linux\Windows to compare files. On Windows, Notepad++ is also a good tool.
I also use a free tool called PingInfoView from nirsoft.net. This tool takes a text file with IP/Host name entries and pings each device. I just run sh ip arp vlan x for the vlan of interest, run the script and paste the output into PingInfoView. It uses the MAC as the hostname but that is fine for a lot of situations. I set up a separate monitor off my laptop and create a "Dashboard" of PingInfoViews for Servers, Switches, Vlans, etc. that are critical.
Finally, I use the output with the manufacturer to look for specific manufactures. If you need to look for devices on specific interfaces I wrote another script that takes the output of "show mac add int g1/0/1 | i Gi" and maps MAC addresses to interfaces. Here is output from it: Number Entries: 305
Inviting all network professionals in operations! We'd like to understand what would be valuable for you in a mobile application. Your response will help Cisco improve a product feature that could benefit you. Thanks!
Click here to take the sur...
Cisco’s software-defined wide area network (SD-WAN) solution allows user to quickly and seamlessly establish an overlay fabric to connect an enterprise’s data centers, branch and campus locations, as well as colocation facilities in order to imp...
1. Log into CLI of DNAC:
ssh maglev@< DNAC appliance IP> -p 2222
2. Run this curl command to get token to get member id:
curl -X POST -u admin:<admin user password> -H -V https://<CLUSTER-IP>/api/system/v1/identitymgmt/token
Enterprise Switching Business Unit is glad to announce Beta release 16.12.2 for all Catalyst 9200/9300/9400/9500/9600 and Catalyst 3650/3850 Platforms. This release is made available to allow users to test, evaluate and share fee...
Purpose of the document
This document describes the general recommendations or best practices when designing and deploying the Cisco SD-Access technology. The document assumes that the reader has a general overview of Cisco's SD-Access for Distributed C...