设为首页收藏本站
开启辅助访问 切换到窄版

a我考网

 找回密码
 立即注册

QQ登录

只需一步,快速开始

扫一扫,访问微社区

我考网»我考网社区 计算机考试 思科认证 思科认证辅导之根据IP地址查交换机端口
返回列表 发新帖
查看: 68|回复: 0

[综合] 思科认证辅导之根据IP地址查交换机端口

[复制链接]
会计考友
发表于 2012-8-3 20:03:30 | 显示全部楼层 |阅读模式
思科认证辅导之根据IP地址查交换机端口
  y! F4 h& q. [# J根据IP地址查交换机端口. M  q' T' |. h% ^/ f
在一个Cisco 交换网络中间,已知某台机器的IP地址,如何找出它连接到了哪台交换机的哪个端口上呢?最方便快捷的方法使使用CiscoWorks 2000 LMS网管软件的User tracking 功能,图形化界面,一目了然。
6 h) L" M' k) x: C: O9 a如果没有这个软件,也可以使用以下手工分析方法来找出答案:# ]% [* A, Z' J) U
示例网络:核心交换机为6509(交换引擎SE用CatOS, MSFC运行IOS软件)% F, g  S& O9 V9 u8 U+ F0 a
1. 找出该IP所对应的MAC地址:% w, t3 f* m& @! ?
通过查看系统的ARP缓存表可以找出某IP所对应的MAC地址。由于ARP不能跨VLAN进行,所以连接各个VLAN的路由模块MSFC就是最佳的选择--一般它在每一个VLAN都有一个端口(interface vlan n),能正确地进行ARP解释。
, g) @, W9 b- h( o' R! A3 u6509MSFC#ping 10.10.1.65) \: i) g" B7 t6 V7 `/ L
Type escape sequence to abort.
, v. C& w1 n8 Q) r4 fSending 5, 100-byte ICMP Echos to 10.10.1.65, timeout is 2 seconds:  p  H" D( d9 D) y8 ^
!!!!!- d# q6 c  l) i* e: o6 A3 [
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms* s( ^* i, O" x3 l4 A
6509MSFC#show arp | in 10.10.1.65! [7 n7 h- B. V1 _# v& h* d9 f
Internet 10.10.1.65 2 0006.2973.121d ARPA Vlan2) A' C( V; A' v7 t$ {& v
通过以上命令,我们知道10.10.1.65的MAC地址是0006.2973.121d, 这是IOS设备的MAC地址表达方式,在CatOS中,应写为00-06-29-73-12-1d.; m. I+ N! n  r3 ?6 E2 a7 p: q
2.在交换机上找出MAC地址所对应的端口4 e  ^) Q. J. H! w
6509SE》 (enable) show cam 00-06-29-73-12-1d
# k& M4 e  }. m* Q3 [* = Static Entry. + = Permanent Entry. # = System Entry. R = Router Entry.2 a  Q0 W+ u% A; y& I8 }0 N
X = Port Security Entry $ = Dot1x Security Entry
( R, e6 x( R6 t" ]VLAN Dest MAC/Route Des [CoS] Destination Ports or VCs / [Protocol Type]
- K6 Z6 M: L1 f) W( |. x2 00-06-29-73-12-1d 9/41 [ALL]+ b; f4 K7 r( M" b9 D
Total Matching CAM Entries Displayed =1
# n( N% ~; E# |7 _这是不是说IP为 10.10.1.65的机器就接在端口9/41上呢?
: v: R1 k3 o; ~' U不一定。如果以下命令中显示该端口上只有一个活动的MAC地址,那么答案就是肯定的:
. O8 `$ ?: p& k3 C  a% B1 X  {6509SE》 (enable) show cam dynamic 9/41, [) g4 }$ K  b; ?
* = Static Entry. + = Permanent Entry. # = System Entry. R = Router Entry.
5 w% _$ U' S. h/ q# ~9 n. fX = Port Security Entry $ = Dot1x Security Entry) m" O, }5 X5 a0 c# m) ^% [
VLAN Dest MAC/Route Des [CoS] Destination Ports or VCs / [Protocol Type]+ e4 Y0 C) C5 L1 x: h% F2 f0 H
2 00-06-29-73-12-1d 9/41 [ALL]
: A1 i- c5 D, jTotal Matching CAM Entries Displayed =1
  \; D  J3 o7 n% l( _如果该命令显示该端口上有多个活动的MAC地址,那么这个端口应该连接到别的交换机或HUB设备上,见下面的例子(查找IP为10.10.1.250所对应的交换机端口):
& c$ q- e2 ], W' y) W6509MSFC#ping 10.10.1.250
, \$ l2 u$ j/ ~8 E$ s' xType escape sequence to abort.
% v) f- ~/ N% t, _% k/ Y& l  {Sending 5, 100-byte ICMP Echos to 10.10.1.250, timeout is 2 seconds:6 Y1 X2 f! Q- A2 P, q) @* o

/ F& k7 O5 v3 ~( F
; L1 a% B- H, A# G8 \* [' cSuccess rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms0 r2 U  C% q5 f" D0 Y6 e( L
6509MSFC#show arp | in 10.10.1.250
0 ]$ }: f" Y6 _* g1 FInternet 10.10.1.250 4 0009.6b8c.64ec ARPA Vlan2! m& |$ g; J0 z% j
6509SE》 (enable) show cam 00-09-6b-8c-64-ec
% c1 Q8 @9 }) G" }8 p* = Static Entry. + = Permanent Entry. # = System Entry. R = Router Entry.; A, w1 ~1 C3 O( c9 g
X = Port Security Entry $ = Dot1x Security Entry$ R- [4 m. ?! P1 i
VLAN Dest MAC/Route Des [CoS] Destination Ports or VCs / [Protocol Type]
' d" o, i; p+ n$ e3 B+ [---- ------------------ ----- -------------------------------------------
" t% a) e% S0 x  N* ~$ T2 00-09-6b-8c-64-ec 3/11 [ALL]0 ?1 A+ M1 C' C3 n
Total Matching CAM Entries Displayed =1" I: J' V( g2 M6 j6 ]" ?
6509SE》 (enable) show cam dy 3/112 |7 X/ G% Y5 c1 E& v7 @* Z
* = Static Entry. + = Permanent Entry. # = System Entry. R = Router Entry.
* W0 M; E% [8 AX = Port Security Entry $ = Dot1x Security Entry5 f  g9 E1 a+ c1 K. u) w0 Q2 R. e
VLAN Dest MAC/Route Des [CoS] Destination Ports or VCs / [Protocol Type]
" `+ `" A$ H1 C% s4 h1 00-03-e3-4b-06-80 3/11 [ALL]' v2 @" X0 e6 L$ w% d
1 00-08-02-e6-b0-cd 3/11 [ALL]: z  W5 Z( [1 z5 y( @, x$ \
1 00-02-a5-ee-f2-4f 3/11 [ALL]
3 T% M+ ~& i; i( |3 Z8 ?1 00-09-6b-8c-66-d6 3/11 [ALL]
# M) H( l/ a/ |5 U1 00-09-6b-63-17-d9 3/11 [ALL]
/ Q( D4 f. T: ^% z! K1 00-0b-cd-03-ec-f5 3/11 [ALL]
/ ~8 e9 c1 S! e$ M1 00-09-6b-63-17-d8 3/11 [ALL]
4 M% F7 ], g1 H  d6 s( U4 P' H) a1 00-08-02-e6-b0-c1 3/11 [ALL]
7 M4 n7 X  S7 a5 v; R4 U9 r1 00-08-02-e6-b0-85 3/11 [ALL]
8 C" r* {* b1 }1 00-08-02-e6-b0-81 3/11 [ALL]
1 j4 W3 E0 T& s( W9 m# T1 00-02-a5-ef-16-af 3/11 [ALL]
, \8 T, a0 Q5 J; o* l3 C1 00-02-a5-ee-f2-93 3/11 [ALL]
& r, p0 L0 P; g( ]1 E. y' o1 00-02-55-c6-05-61 3/11 [ALL]
$ b4 y+ o1 o2 O0 [" _% h, }  V9 W& _2 00-09-6b-8c-64-ec 3/11 [ALL]
7 o: C3 T" w0 w/ A1 k% z# G3 M7 }1 00-08-02-e6-b0-ed 3/11 [ALL]
" t8 b2 M, u' o0 R  o0 z( G1 00-08-02-e6-b0-a9 3/11 [ALL]
8 c) g0 L1 p) G' e1 j. b1 00-02-55-54-7a-e0 3/11 [ALL]  h/ L. o. w* o! ?$ w5 k# c4 o
1 00-02-a5-ef-15-a6 3/11 [ALL]
3 R. I9 `' Y# S. {" E1 00-08-02-e6-af-8f 3/11 [ALL], o0 @( c1 P0 O, A
1 00-08-02-e6-b0-bd 3/11 [ALL]
0 c2 P, v" ], e0 J: M1 00-0b-cd-03-db-8b 3/11 [ALL]/ p% {2 \0 V6 v) B$ j
1 00-09-6b-8c-25-50 3/11 [ALL]! O8 `; i( Q1 P8 Y, g+ c
Do you wish to continue y/n [n]? n- X+ r; Y) z  ]6 j  V/ n9 I
由于该端口连接到另一台交换机或HUB,必须继续追查,方法如下:
3 g7 f* J' i" S1 I6509SE》 (enable) show cdp nei 3/11/ `( c0 X$ y& t& A& N4 }, F
* - indicates vlan mismatch.
2 ]* b$ v  _! _# - indicates duplex mismatch.
& O6 V' g# v4 f+ K8 j( uPort Device-ID Port-ID Platform+ A5 _  i" G. J' L* P2 B
3/11 Cisco2924 GigabitEthernet1/1 cisco WS-C2924M-XL: V9 y6 l  I/ P
该命令显示对端设备是一台Cisco2924,如果没有显示,那么说明连接的是别的厂家的设备,可能要到该交换机上用类似的办法继续追查。本例子中是Cisco 设备,所有我们可以继续:5 n4 X/ \4 `% f6 X0 [: L
6509SE》 (enable) show cdp nei 3/11 de+ f/ X. ^1 p) d/ {* H/ ]- s
Port (Our Port): 3/11
  L  ?* b( E( I/ o  _" T; S3 e' F9 B/ z6 f8 Y

. \5 O, j4 g) N6 V1 }9 TDevice-ID: Cisco2924
% c% K7 b( B/ S' ZDevice Addresses:4 c# C  U; F& m/ ^/ b" q$ S4 X
IP Address: 10.10.0.60
' J4 Q2 q7 j* I5 i: Y: V9 _Holdtime: 153 sec5 |  N& o7 |. K" P- b& m; q
Capabilities: TRANSPARENT_BRIDGE SWITCH  a+ N+ S6 q' M6 t# H
Version:
! c4 d+ i" @" T& k9 g$ \Cisco Internetwork Operating System Software
, Z2 a3 f$ W: K' m8 ?) vIOS (tm) C2900XL Software (C2900XL-C3H2S-M), Version 12.0(5.2)XU,. L  u/ g7 S" F4 b0 d
MAINTENANCE INTERIM SOFTWARE* X6 A+ u+ m7 N; O
Copyright (c) 1986-2000 by cisco Systems, Inc.3 X* C- S# r" j
Compiled Mon 17-Jul-00 17:35 by ayounes
2 f' Q( s! E$ w8 u8 e; `) OPlatform: cisco WS-C2924M-XL
3 _- H* O& f* Z* A+ U  @7 {Port-ID (Port on Neighbors‘s Device): GigabitEthernet1/1
( z" w9 U  c. yVTP Management Domain: lan" W" s& G4 c! @
Native VLAN: 15 z) F) F+ a* |8 E' A
Duplex: full
- @( x7 d# B  w' k" VSystem Name: unknown
+ O: d6 R! l# a$ B# T) D% B+ YSystem Object ID: unknown& t7 n* J% C: _2 j. ~$ ]
Management Addresses: unknown
; e2 ?1 b& k  l+ a' t% XPhysical Location: unknown
/ l+ z( C- [0 Y" R3 W6 f2 H( k: sCisco2924#show mac-address-table dynamic address 0009.6b8c.64ec3 p- F6 A! Q; ]
Non-static Address Table:
+ e# b2 g$ c% e) \8 RDestination Address Address Type VLAN Destination Port
/ U: f2 p1 V1 d. I------------------- ------------ ---- --------------------
. ]' e) m% t# x; b0009.6b8c.64ec Dynamic 2 FastEthernet0/2
' a  A5 o  f1 X0 r5 aCisco2924#show mac-address-table dynamic interface f0/2/ l7 N2 W# T& q' E2 b
Non-static Address Table:
6 g6 I4 J$ O0 f5 y! O. K6 SDestination Address Address Type VLAN Destination Port
+ B, ^. E7 n7 n4 E. d------------------- ------------ ---- --------------------
, w" O! V3 T) s, j* B; z' h0009.6b8c.64ec Dynamic 2 FastEthernet0/2
( r( \1 A4 I9 b. O. @通过以上命令可知,MAC地址0009.6b8c.64ec 与Cisco 2924交换机相连,且是该端口上唯一活动的MAC地址,所以IP为10.10.1.250的机器应该就连接在这个端口上。
回复

使用道具 举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

Archiver|手机版|小黑屋|Woexam.Com ( 湘ICP备18023104号 )

GMT+8, 2024-5-15 21:36 , Processed in 0.163481 second(s), 21 queries .

Powered by Discuz! X3.4 Licensed

© 2001-2017 Comsenz Inc.

快速回复 返回顶部 返回列表