03-14-2014 11:34 AM
Hello there,
I´d like to create a script to find where an IP address is associated.
Manually I can do that using the command "show arp | in 10.10.10.50" (IP that I am looking for), that give me the mac address and then I use the command "show mac ad ad 4055.39dc.f468" (mac associated to that IP).
GW01#show arp | in 10.10.10.71
Internet 10.10.10.71 0 4055.39dc.f468 ARPA Vlan10
GW01#show mac ad ad 4055.39dc.f468
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
10 4055.39dc.f468 DYNAMIC Po4
Total Mac Addresses for this criterion: 1
Would be nice if I can execute the EEM informing the IP address (example: findport 10.10.10.50) and get the final result (interface where this IP is associated).
How could I do that? How to pass the IP address that I have typed to EEM and after, how to get the MAC address that the first command shown?
Thanks for all.
Solved! Go to Solution.
03-17-2014 11:56 AM
The error message could be related to: https://tools.cisco.com/bugsearch/bug/CSCsy89677
If that is the case the error message is cosmetic only.
03-20-2014 03:39 PM
The script has been changed slightly and is shown below. Put this into a file and on the switch flash drive or local media.
#############
foreach ip $::argv {
set result [exec "show arp | inc $ip"]
if [regexp {[a-zA-Z]+\s+\d+\.\d+\.\d+\.\d+\s+\d+\s+([0-9a-f]+\.[0-9a-f]+\.[0-9a-f]+)\s+ARPA} $result match mac ] {
set output [exec "show mac address-table address $mac"]
regexp {(\d+\s+[0-9a-f]+\.[0-9a-f]+\.[0-9a-f]+\s+[A-Z]+\s+[0-9\/a-zA-Z]+)} $output match output
puts "$ip = $output"
} else {
puts "$ip not in arp table"
}}
########
My file is called resolve.tcl and this can be run in exec mode on the switch.
Switch_1#tclsh flash:resolve.tcl 192.168.0.2 192.168.0.1 192.168.0.3
192.168.0.2 = 1 0024.14ac.0f48 DYNAMIC Fa0/11
192.168.0.1 = 1 0001.6c14.f8c1 DYNAMIC Fa0/12
192.168.0.3 not in arp table
Switch_1#
03-15-2014 08:36 AM
If you want to make it interactive then the tcl shell on the switch is also an option. A simple script to run the commands for you that can be pasted into the TCL shell.
==============
Switch_1#tclsh
Switch_1(tcl)#proc resolve {args} {
foreach ip $args {
set result [exec "show arp | inc $ip"]
if [regexp {[a-zA-Z]+\s+\d+\.\d+\.\d+\.\d+\s+\d+\s+([0-9a-f]+\.[0-9a-f]+\.[0-9a-f]+)\s+ARPA} $result match mac ] {
set output [exec "show mac address-table address $mac"]
regexp {(\d+\s+[0-9a-f]+\.[0-9a-f]+\.[0-9a-f]+\s+[A-Z]+\s+[0-9\/a-zA-Z]+)} $output match output
puts "$ip = $output"
} else {
puts "$ip not in arp table"
}
}}
==========
Then type resolve and the all the ip addresses you want to map.
Switch_1(tcl)#resolve 192.168.0.125 192.168.0.3 192.168.0.2
192.168.0.125 = 1 7001.6c14.1dc1 DYNAMIC Fa0/12
192.168.0.3 not in arp table
192.168.0.2 = 1 7024.14ac.0f48 DYNAMIC Fa0/11
Switch_1(tcl)#
03-17-2014 11:24 AM
Thank you so much Daniel.
I tried your script but I am getting a error...
SW10(tcl)#proc resolve {args} {
% Ambiguous command: "proc resolve {args} {"
Regards
03-17-2014 11:56 AM
The error message could be related to: https://tools.cisco.com/bugsearch/bug/CSCsy89677
If that is the case the error message is cosmetic only.
03-20-2014 10:45 AM
I really like this, but I would like to be able to give someone access to do the "resolve" part without giving them access to the tclsh - like an operator instead of an admin. Is there a way to make it a stored procedure and just call the procedure whenever needed? I want to be able to assign the right to a certain privilege level - like priv 5 or something like that.
03-20-2014 11:06 AM
Yes!! I was thinking exactly about it.
I am not concerned about privileg levels, but it would be really wonderful if we can just put the script once, and after that use only a command (in this case "resolve").
03-20-2014 03:39 PM
The script has been changed slightly and is shown below. Put this into a file and on the switch flash drive or local media.
#############
foreach ip $::argv {
set result [exec "show arp | inc $ip"]
if [regexp {[a-zA-Z]+\s+\d+\.\d+\.\d+\.\d+\s+\d+\s+([0-9a-f]+\.[0-9a-f]+\.[0-9a-f]+)\s+ARPA} $result match mac ] {
set output [exec "show mac address-table address $mac"]
regexp {(\d+\s+[0-9a-f]+\.[0-9a-f]+\.[0-9a-f]+\s+[A-Z]+\s+[0-9\/a-zA-Z]+)} $output match output
puts "$ip = $output"
} else {
puts "$ip not in arp table"
}}
########
My file is called resolve.tcl and this can be run in exec mode on the switch.
Switch_1#tclsh flash:resolve.tcl 192.168.0.2 192.168.0.1 192.168.0.3
192.168.0.2 = 1 0024.14ac.0f48 DYNAMIC Fa0/11
192.168.0.1 = 1 0001.6c14.f8c1 DYNAMIC Fa0/12
192.168.0.3 not in arp table
Switch_1#
03-21-2014 08:20 AM
Thank you so much Daniel.
I will share this helpful script on my blog.
I believe that other people will love it too.
Best Regards.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: