Cisco – How to Identify Machines Connected to a Switch


Our company recently closed down half our office space, which was not being used. We gave back the unused space to the building management and had it walled off. Prior to us closing it off, I jotted down the network jack numbers on the side to be closed and made sure to disconnect them from the switches in our server room.

Today, I'm recreating a spreadsheet which lists all of our current physical network jacks, and where they are located in the resized office.

Two issues:

1) A few of the network jack numbers don't seem to be syncing up with the labels on the relay racks. For example, there is a logged-in laptop plugged into jack #28. So I go to the relay rack, find port 28, and trace it to the switch. The problem is, the port it's plugged into on the switch is not lit up, showing it as inactive. But it most definitely is active and on the network. Is there a way, either by IP or name, to query a Cisco switch to tell you which port number that particular PC is plugged into?

2) There are a few ports on the switches which are lit up, indicating activity, but when I trace them back to the relay rack, they are attached to ports that are no longer in use or no longer exist. I guess my question is as above: is there a way to display the IP or name of whatever is attached to that port on the switch?

Best Answer

Not quite a dupe, but there's a similar question here, which has some suggestions about mapping an IP address to a switch port.

In this case, it sounds like the best option is to identify all switch ports that are connected to devices you know about. My suggestions for this (assuming Cisco managed routers/switches):

Identify known devices

From your first hop router(s), do a broadcast ping on each subnet that is trunked to a switch supporting the office space (as opposed to any data centre space you may have). Note: this should be the directed broadcast address of each subnet, rather than the 'all devices' broadcast IP of 255.255.255.255. In Cisco IOS, this can only be done from privileged exec mode. For example, to ping all machines on the subnet 192.168.100.0/25, use:

ping ip 192.168.100.127

This will populate the ARP cache of the router with entries for all machines on each subnet responding to ping.

Again on the first hop routers, extract the list of ARP entries for each subnet:

show ip arp interface vlan 100

This will give you all the IPs and MAC addresses of every device that responded to the ping. You can check the list of IPs against DNS (or another naming service) to identify the names of specific devices. Any IP address that you can't match a name to should be flagged for further investigation.

Map known devices to switch ports

Take the list of MAC addresses and use it to determine which switch port each device is connected to.

show mac-address-table address <mac-address>

Will show you the MAC address table entry for that particular MAC, including which switch port it's connected to. Alternatively:

show mac-address-table vlan <vlan number>

Will show you the MAC address table for all ports in that VLAN. Note: the default timeout for MAC address tables on Cisco devices is 5 minutes; you may need to run your broadcast ping again in order to repopulate it.

Map unknown devices to switch ports

For those IPs that you couldn't map to known devices, the commands in the previous section will tell you which port you need to check.

Also, run:

show mac-address-table

with no arguments. Take the output, and remove the lines for any known MAC addresses, as well as any router-router and switch-switch links. The MAC addresses that you will be left with are devices that are connected to your switch, but aren't communicating via IP to your first hop routers. The ports these appear on should also be flagged for investigation.

Map flagged ports to outlets

For all the ports you have flagged (i.e. devices you can't identify), you'll need to do a physical trace from the switch port to the access port on the office floor. If you're lucky, your landlord will use managed cabling infrastructure; if not, be prepared to lift floor tiles and trace cables the old fashioned way. Best of luck.
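The whole procedure from the answer, joined up as a script: parse the router's "show ip arp" output and the switch's "show mac address-table" output, put an IP and a name against each MAC the switch has learned, and list the ports that are left over. This is an added example, not code from the original answer. The command output in the two strings is constructed to match Cisco IOS formatting; the KNOWN_HOSTS dictionary and the UPLINK_PORTS set are assumptions standing in for the DNS lookup and for the router/switch links the answer tells you to exclude. One caveat on the commands themselves: on current IOS the command is "show mac address-table" (with a space) rather than "show mac-address-table"; the column layout is the same, so the parser below handles either.

```python
"""Join 'show ip arp' and 'show mac address-table' output to find the switch
port behind each host and flag the ports that still need a physical trace.

Added example, not part of the original answer. Command output is constructed
to match Cisco IOS formatting; KNOWN_HOSTS stands in for the DNS lookup the
answer describes and UPLINK_PORTS for the router/switch links it says to skip.
"""
import re
from collections import defaultdict

# Constructed 'show ip arp interface vlan 100' output from the first-hop router,
# taken shortly after the directed broadcast ping so the cache is populated.
ARP_OUTPUT = """\
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.168.100.1           -   0011.2233.4455  ARPA   Vlan100
Internet  192.168.100.10         12   aabb.cc00.0100  ARPA   Vlan100
Internet  192.168.100.11          3   aabb.cc00.0200  ARPA   Vlan100
Internet  192.168.100.50          0   aabb.cc00.0300  ARPA   Vlan100
Internet  192.168.100.60          1   aabb.cc00.0500  ARPA   Vlan100
Internet  192.168.100.99          0   Incomplete      ARPA
"""

# Constructed 'show mac address-table' output from the office access switch.
MAC_TABLE_OUTPUT = """\
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 100    0011.2233.4455    DYNAMIC     Gi1/0/48
 100    aabb.cc00.0100    DYNAMIC     Gi1/0/28
 100    aabb.cc00.0200    DYNAMIC     Gi1/0/5
 100    aabb.cc00.0300    DYNAMIC     Gi1/0/31
 100    aabb.cc00.0400    DYNAMIC     Gi1/0/17
Total Mac Addresses for this criterion: 5
"""

# Assumed: names you resolved via DNS (or read off the jack spreadsheet).
KNOWN_HOSTS = {"192.168.100.10": "laptop-jack28", "192.168.100.11": "printer-2f"}
# Assumed: the port carrying the uplink to the router; MACs learned here are
# on the far side of the router, not on an office outlet.
UPLINK_PORTS = {"Gi1/0/48"}

# Cisco's dotted MAC format: xxxx.xxxx.xxxx
MAC_RE = re.compile(r"^[0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4}$")


def parse_arp(text):
    """Return {mac: ip} from 'show ip arp'; header and Incomplete entries are skipped."""
    arp = {}
    for line in text.splitlines():
        f = line.split()
        if len(f) >= 4 and f[0] == "Internet" and MAC_RE.match(f[3].lower()):
            arp[f[3].lower()] = f[1]
    return arp


def parse_mac_table(text):
    """Return {mac: port} from 'show mac address-table' (VLAN, MAC, type, port columns)."""
    table = {}
    for line in text.splitlines():
        f = line.split()
        if len(f) >= 4 and MAC_RE.match(f[1].lower()):
            table[f[1].lower()] = f[3]
    return table


def port_for_ip(ip, arp, mac_table):
    """Question 1: which port is this IP plugged into? None if this switch never learned it."""
    for mac, addr in arp.items():
        if addr == ip:
            return mac_table.get(mac)
    return None


def map_ports(arp, mac_table, known_hosts=KNOWN_HOSTS, uplinks=UPLINK_PORTS):
    """Question 2: what is on each port? Returns (ports, flagged).

    ports   -> {port: [{"mac", "ip", "name"}, ...]} for every non-uplink port
    flagged -> {port: [reason, ...]} for ports whose device could not be identified
    """
    ports = defaultdict(list)
    for mac, port in mac_table.items():
        if port in uplinks:
            continue
        ip = arp.get(mac)
        ports[port].append({"mac": mac, "ip": ip, "name": known_hosts.get(ip) if ip else None})

    flagged = {}
    for port, entries in ports.items():
        reasons = [
            f"{e['mac']} has no ARP entry (not talking IP to the router)" if e["ip"] is None
            else f"{e['ip']} has no name in DNS"
            for e in entries if e["ip"] is None or e["name"] is None
        ]
        if reasons:
            flagged[port] = reasons
    return dict(ports), flagged


def unmapped_hosts(arp, mac_table):
    """IPs the router reached whose MAC this switch never learned: they sit behind another switch."""
    return {ip: mac for mac, ip in arp.items() if mac not in mac_table}


if __name__ == "__main__":
    arp = parse_arp(ARP_OUTPUT)
    table = parse_mac_table(MAC_TABLE_OUTPUT)
    ports, flagged = map_ports(arp, table)
    for port in sorted(ports):
        for e in ports[port]:
            print(f"{port:<10} {e['mac']}  {e['ip'] or '-':<16} {e['name'] or '?'}")
    print("\nPorts to trace physically:")
    for port, reasons in sorted(flagged.items()):
        print(f"  {port}: " + "; ".join(reasons))
    print("\nHosts on another switch:", unmapped_hosts(arp, table))
```

Run it as-is to see the report against the constructed output; for real use, paste the actual command output into the two strings (or read them from files saved from the console session) and fill KNOWN_HOSTS from your DNS zone. A device that has not sent any IP traffic to the router shows up in the MAC table but not in ARP, which is exactly the case the answer's "unknown devices" section describes, and the MAC table ages out after 5 minutes by default, so capture both outputs shortly after the broadcast ping.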