Tracking Switch Port Usage

kevin.hu
Level 3

We have users buying their own 8-port D-Link/Linksys/Netgear mini hubs to connect multiple network devices. Is there an easy way to find switch ports that have multiple MACs associated with them, excluding uplink ports? Keep in mind that we have 1000 switches spread across 350 offices. We have CiscoWorks RME 4.0 to use. Is there any free tool that can perform such a task?

Thanks!


Jon Marshall
Hall of Fame

Kevin

Are you wanting to find them or stop them?


If you want to stop them then use port-security on the access switches to only allow one mac-address per port.

Jon

Jon,

I want to find them and then provide an 8-port managed Cisco switch to them. Enabling port security enterprise-wide would be very intensive for me and disruptive for them.

Thanks.

Kevin

kevin.hu wrote:

Jon,

I want to find them and then provide an 8-port managed Cisco switch to them. Enabling port security enterprise-wide would be very intensive for me and disruptive for them.

Thanks.

Kevin

Kevin

Ahh okay. Not familiar with specific tools for this. I don't have a lot of experience with CiscoWorks so not the person to answer. You may want to post on the Network Management forum where Joe Clarke may well have something that could be easily modified for your use.

If you had the IP address of every switch then I would probably write a quick Perl or Tcl script to log in to each switch, check the mac-address tables and sort through ports that have multiple mac-addresses associated with them. If you also run CDP on the switches you could then eliminate the ports that are uplinks.

Believe it or not this is the sort of thing I quite enjoy doing but I appreciate it may not be everyone's idea of fun!!

Jon
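
The approach described in the reply above, as an added example that is not from anyone in this thread: it parses `show mac address-table` and `show cdp neighbors` output, drops ports that face a CDP neighbor as uplinks, and lists the remaining ports that have learned several dynamic MACs. The sample output is constructed, the column layout and the function names are assumptions, and logging in to each switch is left out.

```python
import re
from collections import defaultdict

# Constructed sample output (not captured from a real switch).
MAC_TABLE = """\
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
  10    0011.2233.4401    DYNAMIC     Fa0/1
  10    0011.2233.4402    DYNAMIC     Fa0/2
  10    0011.2233.4403    DYNAMIC     Fa0/2
  20    0011.2233.4404    DYNAMIC     Fa0/2
  10    0011.2233.4405    DYNAMIC     Gi0/1
  10    0011.2233.4406    DYNAMIC     Gi0/1
 All    0100.0ccc.cccc    STATIC      CPU
"""
CDP_NEIGHBORS = """\
Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
core-sw-01       Gig 0/1           155            S I     WS-C3750  Gig 1/0/24
"""

MAC_ROW = re.compile(r"^\s*(\S+)\s+((?:[0-9a-f]{4}\.){2}[0-9a-f]{4})\s+(\w+)\s+(\S+)\s*$", re.I)
CDP_IFACE = re.compile(r"\b(Fas|Gig|Ten|Eth)\s+(\d+(?:/\d+)*)")  # assumed CDP abbreviations

def norm(port):
    # "Gig 0/1" (CDP) and "Gi0/1" (MAC table) must compare equal.
    m = re.match(r"([A-Za-z]+)\s*([\d/]+)$", port.strip())
    return m.group(1)[:2].capitalize() + m.group(2) if m else port.strip()

def cdp_uplinks(cdp_text):
    # First interface on a row is the local port; the header row has none.
    hits = (CDP_IFACE.search(line) for line in cdp_text.splitlines())
    return {norm(m.group(1) + m.group(2)) for m in hits if m}

def multi_mac_ports(mac_text, cdp_text, min_macs=2):
    # min_macs=2 also flags a phone with a PC behind it; raise it if that is normal.
    uplinks = cdp_uplinks(cdp_text)
    macs = defaultdict(set)
    for line in mac_text.splitlines():
        m = MAC_ROW.match(line)
        if not m or m.group(3).upper() != "DYNAMIC":
            continue  # skip headers and static/CPU entries
        port = norm(m.group(4))
        if port not in uplinks:
            macs[port].add(m.group(2).lower())
    return {p: sorted(v) for p, v in macs.items() if len(v) >= min_macs}

if __name__ == "__main__":
    print(multi_mac_ports(MAC_TABLE, CDP_NEIGHBORS))
```

An unmanaged hub or switch sends no CDP, so the port it hangs off stays in the report, while a link to another Cisco switch is filtered out.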

Yeah, I agree with you. With this requirement, I almost need a custom-made script to accomplish this. I hope there is someone who has done this kind of thing before.

Leo Laohoo
Hall of Fame

What about port security?  Try the following lines in the interface: 

   switchport port-security
   switchport port-security aging time 2
   switchport port-security violation restrict
   switchport port-security aging type inactivity

Thanks Leo.  Port security would block their network access.  I just want to find out where these hubs are.  I would think CiscoWorks might have some tools for me to track it down?

Hi Kevin,

I have a more effective way of "tracking them down" for you.  *wink*, *wink*

Enable port security.  Once the port goes into error-disable, they'll call you.  You'll know who they are, where they are (and if they're pretty, their vital statistics).

If that ain't an effective way of tracking the culprits down, I don't know what is.

charlesdf22
Level 1

You could enable port-security with auto recovery and SNMP traps to let you know.

snmp-server enable traps port-security

I had also thought that NeDi had some sort of mechanism built in so you can look at each port and see how many MAC addresses there were. There were some other products that I have run across as well, such as NetMRI or Netdisco, which should be able to do something similar out of the box.

Thank you all. I reposted my question in the network management forum and Joe Clarke said that CiscoWorks Campus Manager has exactly what I am looking for.
