Cisco – How to find a list of devices connected to the network (IP’s and MACs)

ciscocisco-catalystipv4mac addresssnmp

I am trying to get a list of the devices that are connected to my Cisco (Catalyst 2960) switch. Preferably through SNMP. Here is what I've already done:

I was able to retrieve the ARP table from the switch (through SNMP walking OID 1.3.6.1.2.1.4.22.1.2 on the switch). However this does not reflect the 'live' set of IP's since ARP does not update when devices go offline. In other words, when I restart a device and it acquires a new IP address (dynamic) I end up with the old IP address also listed in my ARP table, even though that IP is not currently on the network.

Is there any way for me to find that 'live' list through the switch, preferably avoiding the ARP table?

P.S. I cannot continuously ping the devices to determine their status, I'm working under very low bandwidth conditions.

Best Answer

Is a broadcast ping to the subnet from the SVI on the switch (which is low-bandwidth), and using show mac address-table dynamic out of the question?

some-switch#show mac address-table dynamic
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
   1    000f.257b.ba3b    DYNAMIC     Gi1/0/49
   1    0011.254f.a5be    DYNAMIC     Gi1/0/49
  56    0000.0c57.aa00    DYNAMIC     Gi1/0/49
  56    0004.0ff4.8cf4    DYNAMIC     Gi1/0/49
  56    0004.0af4.c8fb    DYNAMIC     Gi1/0/5

At this point, use your ARP table to map from mac-address to IP address.

Doing this with SNMP is possible, but somewhat painful if you need to know what port each mac-address is on... use dot1dTpFdbAddress to grab the mac-addresses, dot1dBasePortIfIndex to map to interface ifIndex and then ifName to map from ifIndex to a name you'll recognize.

Related Topic