Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Getting from MAC to ifIndex using SNMP MIBs on a Cat4500

I am trying to pull MAC -> ifIndex information from a Catalyst 4500 running cat4500-entservicesk9-mz.122-31.SGA, except that BRIDGE-MIB:dot1dTpFdbTable is not supported.

I can link MACs to ifIndex using cpsSecureMacAddressTable, but only for interfaces where port security is enabled(?), and of course atTable gives me MAC -> VLan ifIndex, but still doesn't help me associate a MAC with a physical interface.

Does anyone have a suggestion or know an alternative?

Thanks,

Mark

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Getting from MAC to ifIndex using SNMP MIBs on a Cat4500

The problem is you are using SNMPv3, and you most likely do not have SNMPv3 contexts configured. Run the command "show snmp context". This should list out all contexts supported on the switch. For each one of these contexts, you will need to add a command:

snmp-server group mygroup v3 auth context CONTEXT

Where CONTEXT is the context name. Once you have all your contexts configured, then you can use net-snmp's snmpwalk like so:

snmpwalk -v 3 -l authNoPriv -u myuser -a MD5 -A myuserpass -n CONTEXT x.x.x.x dot1dTpFdbTable

For example:

snmpwalk -v 3 -l authNoPriv -u myuser -a MD5 -A myuserpass -n vlan-100 14.32.100.39 dot1dTpFdbTable

4 REPLIES
Cisco Employee

Re: Getting from MAC to ifIndex using SNMP MIBs on a Cat4500

dot1dTpFdbTable is the way to go, and it is supported in this code. What problems do you see trying to access objects in this table? What version of SNMP are you using?

New Member

Re: Getting from MAC to ifIndex using SNMP MIBs on a Cat4500

Thanks for the reply.

The switch is snmp v3. I'm using net-snmp 5.4.1 (ssl version) and Solarwinds 9.0.

I've looked at several switches using the same code, but I don't see any populated tables under dot1Bridge (1.3.6.2.1.17). I am able to pull a wide number of other tables without problems.

:/

I tried specifically pulling the dot1dTpFdbTable you suggested, but no values there either. If I walk BRIDGE-MIB I do see a few single values, like Dot1dBaseType.0 being 4 (srt).

Is it possible that these tables stop populating if port security is in use?

Mark

Cisco Employee

Re: Getting from MAC to ifIndex using SNMP MIBs on a Cat4500

The problem is you are using SNMPv3, and you most likely do not have SNMPv3 contexts configured. Run the command "show snmp context". This should list out all contexts supported on the switch. For each one of these contexts, you will need to add a command:

snmp-server group mygroup v3 auth context CONTEXT

Where CONTEXT is the context name. Once you have all your contexts configured, then you can use net-snmp's snmpwalk like so:

snmpwalk -v 3 -l authNoPriv -u myuser -a MD5 -A myuserpass -n CONTEXT x.x.x.x dot1dTpFdbTable

For example:

snmpwalk -v 3 -l authNoPriv -u myuser -a MD5 -A myuserpass -n vlan-100 14.32.100.39 dot1dTpFdbTable

New Member

Re: Getting from MAC to ifIndex using SNMP MIBs on a Cat4500

Awesome. Thank you very much.

Mark

501
Views
0
Helpful
4
Replies