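Finding the Switch Port a Server Is Connected To

Netkiller Cisco IOS Notes

netkiller Neo Chan

2009-12-12

Copyright notice

Please contact the author before reprinting. Any reprint must clearly state the original source of the article, the author information and this notice.

Document source: http://netkiller.sourceforge.net/ | http://netkiller.github.com

This document was last updated on Tue Nov 29 11:45:42 UTC 2011
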

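When you are parachuted into a new company, the usual situation is that the work is a tangled mess, your predecessor is impatient to hand over or transfer the work, and everyone is waiting for you to put out fires. If the work were in good order, the company would not need to hire anyone new.
So when you face a tangled mess of network and servers, you are at a loss: you want to reorganize it, yet you cannot affect the existing business.
How do you quickly find which server corresponds to which switch port? I have used many methods (the network cannot be interrupted, so a cable tracer is not an option). At first I used show arp and show the MAC address table to work out the mapping, which was rather tedious.
Later I thought of the CDP protocol: capturing packets with tcpdump quickly shows which switch port the server is plugged into.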
$ sudo tcpdump -nn -v -i eth0 -s 1500 -c 1 'ether[20:2] == 0x2000'
[sudo] password for neo:
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 1500 bytes
13:51:31.825893 CDPv2, ttl: 180s, checksum: 692 (unverified), length 375
        Device-ID (0x01), length: 7 bytes: '4A3750G'
        Version String (0x05), length: 182 bytes:
          Cisco IOS Software, C3750 Software (C3750-IPBASE-M), Version 12.2(35)SE5, RELEASE SOFTWARE (fc1)
          Copyright (c) 1986-2007 by Cisco Systems, Inc.
          Compiled Thu 19-Jul-07 19:15 by nachen
        Platform (0x06), length: 23 bytes: 'cisco WS-C3750G-24TS-1U'
        Address (0x02), length: 13 bytes: IPv4 (1) 193.168.0.254
        Port-ID (0x03), length: 21 bytes: 'GigabitEthernet1/0/15'
        Capability (0x04), length: 4 bytes: (0x00000029): Router, L2 Switch, IGMP snooping
        Protocol-Hello option (0x08), length: 32 bytes:
        VTP Management Domain (0x09), length: 3 bytes: 'xiu'
        Native VLAN ID (0x0a), length: 2 bytes: 11
        Duplex (0x0b), length: 1 byte: full
        AVVID trust bitmap (0x12), length: 1 byte: 0x00
        AVVID untrusted ports CoS (0x13), length: 1 byte: 0x00
        Management Addresses (0x16), length: 13 bytes: IPv4 (1) 193.168.0.254
        unknown field type (0x1a), length: 12 bytes:
          0x0000:  0000 0001 0000 0000 ffff ffff
1 packets captured
1 packets received by filter
0 packets dropped by kernel
$ sudo tcpdump -nn -v -i eth0 -s 1500 -c 1 'ether[20:2] == 0x2000' | grep GigabitEthernet
[sudo] password for neo:
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 1500 bytes
        Port-ID (0x03), length: 21 bytes: 'GigabitEthernet1/0/15'
1 packets captured
1 packets received by filter
0 packets dropped by kernel 

After running the command, the output shows

Port-ID (0x03), length: 21 bytes: 'GigabitEthernet1/0/15'

This is the corresponding switch port.

Create a script port.sh on each server:

tcpdump -nn -v -i eth0 -s 1500 -c 1 'ether[20:2] == 0x2000' | grep GigabitEthernet

Then run it in batch:

for ip in {23..32} {49,50,53,54} {81..92} {121..127}; do rsh [email protected].$ip port.sh & done &
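
The grep in port.sh only matches GigabitEthernet ports, so a server on a FastEthernet or TenGigabitEthernet port would print nothing. As an added example (not part of the original article), the script below pulls the Device-ID, Port-ID and native VLAN out of the same tcpdump output; the function names, the 90-second timeout and the sample frame are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original article.

# Constructed sample of `tcpdump -v` CDP output (names and values are made up).
sample_cdp() {
    cat <<'EOF'
13:51:31.825893 CDPv2, ttl: 180s, checksum: 692 (unverified), length 375
        Device-ID (0x01), length: 9 bytes: 'sw-lab-01'
        Platform (0x06), length: 23 bytes: 'cisco WS-C3750G-24TS-1U'
        Port-ID (0x03), length: 15 bytes: 'FastEthernet0/7'
        Native VLAN ID (0x0a), length: 2 bytes: 11
EOF
}

# parse_cdp: read tcpdump -v CDP text on stdin and print
# "<device-id> <port-id> <native-vlan>"; exit 1 if no CDP frame was seen.
parse_cdp() {
    awk -F"'" '
        /Device-ID \(0x01\)/      { dev = $2 }
        /Port-ID \(0x03\)/        { port = $2 }
        /Native VLAN ID \(0x0a\)/ { n = split($0, f, ": "); vlan = f[n] }
        END {
            if (dev == "" || port == "") exit 1
            printf "%s %s %s\n", dev, port, (vlan == "" ? "-" : vlan)
        }'
}

# report_port [iface]: what port.sh could run on each server. Assumes tcpdump,
# timeout and root privileges; CDP is sent every 60 s by default, hence 90 s.
report_port() {
    line=$(timeout 90 tcpdump -nn -v -i "${1:-eth0}" -s 1500 -c 1 \
        'ether[20:2] == 0x2000' 2>/dev/null | parse_cdp) ||
        { echo "$(hostname): no CDP frame seen" >&2; return 1; }
    printf '%s %s\n' "$(hostname)" "$line"
}

# Demo on the constructed sample; prints: sw-lab-01 FastEthernet0/7 11
sample_cdp | parse_cdp
```

Calling report_port from port.sh yields one "host switch port vlan" line per server, which can be collected into a single inventory file.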

 

 

 
