Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Some range of MAC addresses which cannot obtain by SNMP

Hello network exparts.

I have a problem to get MAC address from Catalyst swiches using Net-SNMP.

"snmpwalk -v 2c -c communityname switchname .1.3.6.1.2.1.17.4.3.1.1" does not answer some range of  MAC addresses. The version of snmpwalk is 5.6.1 and 5.7.

Suppose hexadecimal number XX is in range 20 <= XX <= 7e, if all XX of MAC address XX:XX:XX:XX:XX:XX is in this range, Catalyst switches do not answer this MAC address via SNMP, but I can get the address by command line "show mac address-table"

I made ARP packet by Linux arping command "arping -0 -s 20:20:20:20:20:20 -p DST-IP-address" ( -s switch means SRC-MAC address) , but 20:20:20:20:20:20 is not obtaind by snmpwalk. But when I tried "arping -0 -s 20:20:20:20:7f:20 -p DST-IP-address", snmpwalk replies "Hex-STRING: 20 20 20 20 7F 20".

This test is done on Vlan 1 (Native), I tried VLAN-indexed "snmpwalk -v 2c -c communityname@1 switchname .1.3.6.1.2.1.17.4.3.1.1", but no improvement.

I only checked Catalyst IOS version 15.0(1)SE3 (2960,2960G,2960S,3750X) and 12.2(55)SE6 (3750G).  But I think all of IOS-15.0 and IOS-12.X have this problem.

Everyone's tags (1)
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Some range of MAC addresses which cannot obtain by SNMP

Glad to see the good news. Hope the guide was helpful.

You may close this thread if the issue is resolved.

-Thanks

-Thanks Vinod **Rating Encourages contributors, and its really free. **
5 REPLIES
New Member

Some range of MAC addresses which cannot obtain by SNMP

Hi,

whenever you try to do snmpwalk is the walk getting timeout? also have you tried snmpwalk on any other vlan?

Cisco Employee

Some range of MAC addresses which cannot obtain by SNMP

Your OID is correct, but this is not the right way to get Mac-address table details. SNMP v1 and v2c requires SNMP Community String Indexing to see mac-add on per Vlan basis.

That means you have to add @ number to get mac-add details/vlan on the above command.

Example :

You Tried :

snmpwalk -v 2c -c communityname switchname .1.3.6.1.2.1.17.4.3.1.1

It should be :

snmpwalk -v 2c -c communityname@ switchname .1.3.6.1.2.1.17.4.3.1.1

ex:

snmpwalk -v 2c -c communityname@1 switchname .1.3.6.1.2.1.17.4.3.1.1

For more details on this check the document :

http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a00801c9199.shtml

-Thanks

Vinod

-Thanks Vinod **Rating Encourages contributors, and its really free. **
New Member

Some range of MAC addresses which cannot obtain by SNMP

Thank you exparts.

I tried both

snmpwalk -v 2c -c communityname switchname .1.3.6.1.2.1.17.4.3.1.1

snmpwalk -v 2c -c communityname@1 switchname .1.3.6.1.2.1.17.4.3.1.1

They return the same reply ( not timeout, other MAC addresses are obtained correctly ), becouse only Native-VLAN1 is used on my switches. I belibe this is not a VLAN problem, I suspect that SNMP server of IOS has a bug, dropping some MAC addresses from learnled MAC address list.

In my network, I cannot find the place of a SONY PC whose MAC address is 54:42:49:63:54:5f, because every hexadecimals 54,42,49,63,54,5f is in range 20<=X<=7e. If a intruder changes MAC address of the victim device to 20:20:20:20:20:20, network administrators cannot find the place of him by SNMP.

New Member

Some range of MAC addresses which cannot obtain by SNMP

Sorry, this is self reply.

By investigating snmpwalk of OID .1.3.6.1.2.1.17.4.3.1.2 (not .1.3.6.1.2.1.17.4.3.1.1), I found that the OID part after .1.3.6.1.2.1.17.4.3.1.2 gives learned MAC address in decimal number. Converting them to hexadecimal numbers, I can get the same MAC-address list obtained by command "show mac address-table".

Thank you.

Cisco Employee

Some range of MAC addresses which cannot obtain by SNMP

Glad to see the good news. Hope the guide was helpful.

You may close this thread if the issue is resolved.

-Thanks

-Thanks Vinod **Rating Encourages contributors, and its really free. **
1265
Views
0
Helpful
5
Replies