ARP Table & VLANs on a Catalyst Switch

Answered Question
Dec 12th, 2011
User Badges:

I'm new to VLANs on Cisco gear.


I need the command to display the ARP table for my VLANs. When I use the "sh arp" or "sh ip arp" all I see are the ARP entries for my switch - none of my devices appear. When I try to add the "Vlan" parameter as the "sh ip arp ?" indicates the switch tries to resolve "Vlan" and then does nothing. Thus:


18W-ACC1>sh ip arp

Protocol  Address          Age (min)  Hardware Addr   Type   Interface

Internet  172.17.253.2            -   58bc.27d8.f541  ARPA   Vlan253

Internet  172.17.253.254        172   0000.0c07.acfd  ARPA   Vlan253

18W-ACC1>sh ip arp Vlan3

Translating "Vlan3"...domain server (255.255.255.255)

                    ^

% Invalid input detected at '^' marker.


18W-ACC1>sh ip arp Vlan 3

Translating "Vlan"...domain server (255.255.255.255)

                    ^

% Invalid input detected at '^' marker.


How can I display the mac addresses of devies on my networks?


Thanks,


Joe

Correct Answer by Richard Burts about 5 years 6 months ago

Joe has not told us whether this network is all in the same VLAN/same subnet or whether it is in several VLANs/several subnets.


The suggestion from Alain will work is the destination is in the same subnet as the management interface of the switch. But if the destination is in a different subnet then the switch will arp for its default gateway and the destination will not be in the switch arp table.


If this network is in several subnets then what Joe needs to do is to go to the layer 3 device that is routing between the subnets and do the show arp on that device. This is where he will find the MAC that is associated with the device. And once he finds the MAC in the ARP table then he may need to use show mac address-table to find the switch and the switch port where it is connected.


HTH


Rick

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Edwin Summers Mon, 12/12/2011 - 11:04
User Badges:
  • Bronze, 100 points or more

Perhaps you are looking for the show mac-address-table command?

Rudy Rucker Mon, 12/12/2011 - 11:06
User Badges:



sh mac address-table


If you have many vlans, you can use this:


sh mac address-table  vlan 3


The - between mac and address-table is gone in newer IOS versions...

cadet alain Mon, 12/12/2011 - 11:04
User Badges:
  • Purple, 4500 points or more

Hi,


you can use show mac address-table vlan command  to see MAC addresses learnt in a particular VLAN.

Don't forget that by default the entries time out after 5 minutes.  The sh arp entries will only show you the MAc addresses of devices which used a L3 interface on the switch for going out either on a different VLAn or on  a remote subnet.


Regards.


Alain.

Richard Burts Mon, 12/12/2011 - 11:07
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Joe


Let us start by reviewing what ARP does and how the ARP table is built. From that we can find an ansewr to your question. ARP is used when a layer 3 device needs to find the MAC address for an IP address with which it needs to communicate. They layer 3 device sends an ARP request as a broadcast on its local broadcast domain. The ARP table is built as devices respond to the ARP request.


From this we can understand that the ARP table on a switch will contain only the addresses for which this switch has attempted to communicate at layer 3. Since this appears to be a layer 2 switch then the ARP table will be very small and will not identify all the devices connected to the switch.


What you need to look at is the command show mac address-table. This should show you the MAC address of devices connected to the switch. (note that if the switch is connected to other switches then the mac address-table may contain MAC address of devices that are connected on other switches.


HTH


Rick

joemis Mon, 12/12/2011 - 11:10
User Badges:

Nope - tried this.


I have a device on my network whch I cannot identify.  All I can find is the IP address. I need to be able to find the mac  address, and my sh mac-address-table does not give me IPs. What I need  is a command that will give me the mac address of 192.168.230.XXX. In a  non-VLAN environment that used to be show ip arp.


Thanks,


Joe

cadet alain Mon, 12/12/2011 - 11:11
User Badges:
  • Purple, 4500 points or more

Hi,


ping this device from the switch and then do a sh arp.


Regards.


Alain

joemis Mon, 12/12/2011 - 11:16
User Badges:

No good-  that was the first thing I tried. Here is the result:


18W-ACC1>ping 192.168.230.5


Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.230.5, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/5 ms

18W-ACC1>sh arp

Protocol  Address          Age (min)  Hardware Addr   Type   Interface

Internet  172.17.253.2            -   58bc.27d8.f541  ARPA   Vlan253

Internet  172.17.253.254        193   0000.0c07.acfd  ARPA   Vlan253


The device responds but does not appear in the arp table. since I have no mac address, the sh mac-address-tabel is useless to me as well.


J

Richard Burts Mon, 12/12/2011 - 11:18
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Seeing this additional information confirms that the network is in several subnets. So see my other response for what to do about several subnets.


HTH


Rick


[edit] this switch is in 172.17.253.0 subnet. It looks like the gateway is 172.17.253.254 and this is the device where you need to do show arp.

Correct Answer
Richard Burts Mon, 12/12/2011 - 11:17
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Joe has not told us whether this network is all in the same VLAN/same subnet or whether it is in several VLANs/several subnets.


The suggestion from Alain will work is the destination is in the same subnet as the management interface of the switch. But if the destination is in a different subnet then the switch will arp for its default gateway and the destination will not be in the switch arp table.


If this network is in several subnets then what Joe needs to do is to go to the layer 3 device that is routing between the subnets and do the show arp on that device. This is where he will find the MAC that is associated with the device. And once he finds the MAC in the ARP table then he may need to use show mac address-table to find the switch and the switch port where it is connected.


HTH


Rick

joemis Mon, 12/12/2011 - 11:22
User Badges:

Great - thanks much!


I was always used to be able to do this from any device and following the chain from one to the other...


Joe

Actions

This Discussion