- Posts: 2
- Thank you received: 0
Port uptime
17 years 6 months ago #22046
by Attish
Port uptime was created by Attish
Hi All!
Given a switch (Cat 3560) with plenty of servers and desktops connected to it. We are planning to put the servers on a different VLAN, so I have to find out which cables go to which. I could track down the cables physically but it does not sound too techy. That is why I thought I am going to differentiate them by trying to find out what their MAC addresses are by using "sh arp", but again I found that both the servers and the desktops (Dell) use the same first 6 character in their MAC addresses.
:roll:
Then I thought that if I could find out how long the port has been active, I could tell the difference between servers and desktops. So here is the question:
Do you think there is a command which shows you the port uptime?
On the same note, is there a way to find out when a port was last active?
Any help is most welcomed!
Thanks,
Attish
Given a switch (Cat 3560) with plenty of servers and desktops connected to it. We are planning to put the servers on a different VLAN, so I have to find out which cables go to which. I could track down the cables physically but it does not sound too techy. That is why I thought I am going to differentiate them by trying to find out what their MAC addresses are by using "sh arp", but again I found that both the servers and the desktops (Dell) use the same first 6 character in their MAC addresses.
:roll:
Then I thought that if I could find out how long the port has been active, I could tell the difference between servers and desktops. So here is the question:
Do you think there is a command which shows you the port uptime?
On the same note, is there a way to find out when a port was last active?
Any help is most welcomed!
Thanks,
Attish
17 years 6 months ago #22047
by TheBishop
Replied by TheBishop on topic Re: Port uptime
Can't think of a command that will do this for you, however you might want to try this: Come into work (or stay a little late) when all the other staff have gone, and check the port lights on the switch. Since all your desktops will (should!) have been shut down for the night, the ones left active are your servers
17 years 6 months ago #22049
by Smurf
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Replied by Smurf on topic Re: Port uptime
You could possible do this if you monitored the switch using SNMP/SYSLOG. Problem is that you would need to go through the logging. We use SolarWinds Orion using SNMP traps, this tells us when a port goes down and when a port comes up.
Cheers
Cheers
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
17 years 6 months ago #22051
by d_jabsd
Replied by d_jabsd on topic Re: Port uptime
'show arp' and 'show mac-address-table' will tell you what is plugged in each port, assuming you know, or can get, the mac-addresses of the servers.
the first 6 digits of the mac are useless. You need to use the last 4-6 digits.
Always label your ports with 'description' command- it will save you time and headaches. Also, if the switch is being shared between servers and workstations, it is a good idea to keep like connections together-- personally, servers and workstation don't belong on the same switch, but that can't always be avoided, so if you have 10 servers physically layout the connections so that all of the servers are together at one end of the interface range.
example- use port one for network uplink, ports 3-10 for servers, and 11-24 for workstations. This will also save time and headaches.
Design your networks, don't just plug stuff in without thought.
the first 6 digits of the mac are useless. You need to use the last 4-6 digits.
Always label your ports with 'description' command- it will save you time and headaches. Also, if the switch is being shared between servers and workstations, it is a good idea to keep like connections together-- personally, servers and workstation don't belong on the same switch, but that can't always be avoided, so if you have 10 servers physically layout the connections so that all of the servers are together at one end of the interface range.
example- use port one for network uplink, ports 3-10 for servers, and 11-24 for workstations. This will also save time and headaches.
Design your networks, don't just plug stuff in without thought.
- skepticals
- Offline
- Elite Member
Less
More
- Posts: 783
- Thank you received: 0
17 years 6 months ago #22146
by skepticals
Replied by skepticals on topic Re: Port uptime
This is what I do if I need to find which port a device is in based on MAC address.
Assume MAC Address is: 00-07-E9-EC-F8-07
I would then issue the command:[code:1] show mac address-table | inc F807[/code:1]
This will display the mac address-table and then filter the results to only include entries that have F807.
Assume MAC Address is: 00-07-E9-EC-F8-07
I would then issue the command:[code:1] show mac address-table | inc F807[/code:1]
This will display the mac address-table and then filter the results to only include entries that have F807.
Time to create page: 0.128 seconds