I have a Cisco Nexus 5672 which only lists the management VLAN ARP records when doing show ip arp vrf all,
yet we have many VLANs on this switch, but it doesn't have an IP in all the VLANs, only the management one.
Can I somehow 'sniff' the ARP responses on the various VLANs to learn where machines are connected on the downstream (layer 2) switches? Will this require an IP in each VLAN, or is there a feature that I can enable to do this?
I've already enabled feature interface-vlan
but this has made no difference.
Best Answer
ARP is only required if a device needs to know the MAC address of an IP address.
If the route between the IP address of the switch to some device is via a router (which it will be if you have a management LAN), then all the traffic will go via the router, and so you'll just see the ARP entries for the router and any other directly-connected management devices.
It is possible to capture packets with a monitor port on switches, but it has many issues.
But if what you actually want is to find out which devices are where, perhaps
will do what you want
Also, CDP will show you switch adjacency, which might be helpful for you.
[EDIT] And additionally, as noted in comments, if you're mapping from IP addresses to switches, you can check at the gateways for the various hosts. Depending on your network, this might be one or many routers. Of course, the ARP mappings are in the routers, but the layer 2 information is in the switches. For automated collection, consider SNMP or quick-and-easy crontabs such as
ssh router show ip arp
and ssh switch show mac-address-table
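A worked example of the join the answer describes, added here and not part of the original post: it parses constructed "show ip arp" (router) and "show mac address-table" (switch) output and maps each IP to the switch and port where its MAC was learned. The per-switch uplink port set is a hypothetical input you supply; MACs learned on those ports are skipped so hosts behind a downstream switch are not mis-attributed to the upstream one.

```python
import re
# Cisco output patterns: IPv4 + dotted MAC on one line ("show ip arp"); "vlan mac ... port" rows ("show mac address-table")
IP_RE = r"(\d{1,3}(?:\.\d{1,3}){3})"
MAC_RE = r"([0-9a-fA-F]{4}\.[0-9a-fA-F]{4}\.[0-9a-fA-F]{4})"
ARP_LINE = re.compile(IP_RE + r".*?" + MAC_RE)
MAC_LINE = re.compile(r"^\s*\*?\s*(\d+)\s+" + MAC_RE + r".*\s(\S+)\s*$")

def parse_arp(text):
    """Return {mac: ip} from a router's 'show ip arp' output; header lines match nothing."""
    table = {}
    for line in text.splitlines():
        m = ARP_LINE.search(line)
        if m:
            table[m.group(2).lower()] = m.group(1)
    return table

def parse_mac_table(text, uplinks=()):
    """Return {mac: (vlan, port)}; MACs learned on uplink ports are skipped because
    they belong to hosts behind a downstream switch, not to this switch's own ports."""
    table = {}
    for line in text.splitlines():
        m = MAC_LINE.match(line)
        if m and m.group(3) not in uplinks:
            table[m.group(2).lower()] = (int(m.group(1)), m.group(3))
    return table

def locate_hosts(arp_text, switches):
    """Join ARP (ip<->mac) with each switch's MAC table (mac<->port).
    switches = {name: (mac_table_text, uplink_ports)}; returns {ip: (switch, vlan, port)}."""
    arp, found = parse_arp(arp_text), {}
    for name, (text, uplinks) in switches.items():
        for mac, (vlan, port) in parse_mac_table(text, uplinks).items():
            if mac in arp:  # ARP entries with no MAC-table hit (e.g. the gateway itself) are left out
                found[arp[mac]] = (name, vlan, port)
    return found

# Constructed sample output from hypothetical devices (not the question's Nexus).
ROUTER_ARP = """\
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  10.10.20.5              3   0050.56aa.0001  ARPA   Vlan20
Internet  10.10.30.7             12   0050.56aa.0002  ARPA   Vlan30
Internet  10.10.20.1              -   0000.0c9f.f014  ARPA   Vlan20
"""
SW1_MAC = """\
Vlan    Mac Address       Type        Ports
  20    0050.56aa.0001    DYNAMIC     Gi1/0/5
  30    0050.56aa.0002    DYNAMIC     Gi1/0/48
"""
SW2_MAC = "  30    0050.56aa.0002    DYNAMIC     Gi1/0/12\n"
SWITCHES = {"sw1": (SW1_MAC, {"Gi1/0/48"}), "sw2": (SW2_MAC, set())}  # Gi1/0/48 is sw1's uplink to sw2
```

Calling locate_hosts(ROUTER_ARP, SWITCHES) places 10.10.20.5 on sw1 Gi1/0/5 and 10.10.30.7 on sw2 Gi1/0/12; without the uplink filter the second host would also show up on sw1's trunk port.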