single command to gather mac addresses of connected devices to switch
up vote
2
down vote
favorite
I've connected multiple PCs to a 2960 switch and then entered privilege mode and entered : show mac-address-table but the table is empty. Then I pinged the broadcast address from one of the PCs: ping 192.168.1.255 and used the previous command on the switch once again and the mac address table lists all the PCs' mac addresses, I wonder if there is a shorter way? i.e. a command on switch to gather the mac addresses of the connected devices to its ports without the need to the pinging step? Thanks.
cisco switch
edited Dec 5 at 10:31
Marc 'netztier' Luethi
2,989319
asked Dec 5 at 6:03
Moytaba
133
add a comment |
up vote
2
down vote
favorite
I've connected multiple PCs to a 2960 switch and then entered privilege mode and entered : show mac-address-table but the table is empty. Then I pinged the broadcast address from one of the PCs: ping 192.168.1.255 and used the previous command on the switch once again and the mac address table lists all the PCs' mac addresses, I wonder if there is a shorter way? i.e. a command on switch to gather the mac addresses of the connected devices to its ports without the need to the pinging step? Thanks.
cisco switch
edited Dec 5 at 10:31
Marc 'netztier' Luethi
2,989319
asked Dec 5 at 6:03
Moytaba
133
I'd also send a ping toff02::1in case there are devices which don't respond to192.168.1.255. Of course it still won't guarantee to reach all devices, and there really isn't any way to force an unknown device to send a packet.
– kasperd
Dec 5 at 12:26
add a comment |
up vote
2
down vote
favorite
up vote
2
down vote
favorite
I've connected multiple PCs to a 2960 switch and then entered privilege mode and entered : show mac-address-table but the table is empty. Then I pinged the broadcast address from one of the PCs: ping 192.168.1.255 and used the previous command on the switch once again and the mac address table lists all the PCs' mac addresses, I wonder if there is a shorter way? i.e. a command on switch to gather the mac addresses of the connected devices to its ports without the need to the pinging step? Thanks.
cisco switch
edited Dec 5 at 10:31
Marc 'netztier' Luethi
2,989319
asked Dec 5 at 6:03
Moytaba
133
I've connected multiple PCs to a 2960 switch and then entered privilege mode and entered : show mac-address-table but the table is empty. Then I pinged the broadcast address from one of the PCs: ping 192.168.1.255 and used the previous command on the switch once again and the mac address table lists all the PCs' mac addresses, I wonder if there is a shorter way? i.e. a command on switch to gather the mac addresses of the connected devices to its ports without the need to the pinging step? Thanks.
cisco switch
cisco switch
edited Dec 5 at 10:31
Marc 'netztier' Luethi
2,989319
asked Dec 5 at 6:03
Moytaba
133
edited Dec 5 at 10:31
Marc 'netztier' Luethi
2,989319
asked Dec 5 at 6:03
Moytaba
133
edited Dec 5 at 10:31
Marc 'netztier' Luethi
2,989319
edited Dec 5 at 10:31
Marc 'netztier' Luethi
2,989319
edited Dec 5 at 10:31
Marc 'netztier' Luethi
2,989319
2,989319
asked Dec 5 at 6:03
Moytaba
133
asked Dec 5 at 6:03
Moytaba
133
asked Dec 5 at 6:03
Moytaba
133
133
I'd also send a ping toff02::1in case there are devices which don't respond to192.168.1.255. Of course it still won't guarantee to reach all devices, and there really isn't any way to force an unknown device to send a packet.
– kasperd
Dec 5 at 12:26
add a comment |
I'd also send a ping toff02::1in case there are devices which don't respond to192.168.1.255. Of course it still won't guarantee to reach all devices, and there really isn't any way to force an unknown device to send a packet.
– kasperd
Dec 5 at 12:26
I'd also send a ping to
ff02::1 in case there are devices which don't respond to 192.168.1.255. Of course it still won't guarantee to reach all devices, and there really isn't any way to force an unknown device to send a packet.– kasperd
Dec 5 at 12:26
I'd also send a ping to
ff02::1 in case there are devices which don't respond to 192.168.1.255. Of course it still won't guarantee to reach all devices, and there really isn't any way to force an unknown device to send a packet.– kasperd
Dec 5 at 12:26
add a comment |
1 Answer
1
active
oldest
votes
up vote
6
down vote
accepted
EDIT:
To actually answer the question: show mac-address-table or show mac address-table (depending on platform and software generation) is the single command to see the MAC address table on a Cisco Switch like the 2960. The fact that the table comes up empty is very probably correct.
Here's why:
MAC address tables (sometimes referred to as CAM tables) are usually dynamic, and their entries are aged out after a given timeout, usually 300 seconds.
An entry is added as soon as an Ethernet frame arrives on a switch port. It's source MAC address is kept and is added to the CAM table and its aging timer starts to decrement.
If connected devices stay silent for more than 300 sec (or the given CAM table aging value), their MAC addresses are removed from the CAM table.
If another device needs to talk to such a dormant peer, the switch will have to perform "unknown unicast flooding" and send the given Ethernet frame out of all ports (more precisely: all active/forwarding ports of the given VLAN). As soon as the device of interest responds with an Ethernet frame, the CAM table is (re)populated instantly with a new entry.
There can be more advanced setups with sticky or static CAM table entries, but that's another story.
This being said...
IF a constantly populated CAM table is a requirement, AND IF the connected devices have no need to be allowed to "sleep" for longer periods of time (for example to save energy), AND IF the scope of interesting devices/table entries covers IPv4 enabled devices, there is one trick that can help a lot without requiring a lot of advanced config:
Many routers (CEF enabled Cisco router definitely do it) do active maintenance of their ARP cache, but have a default ARP timeout of 4hours. By lowering their ARP timeout to some value lower than 300sec (which does little to no harm), the router will re-query the entries in its ARP cache, shortly before they expire. That will in turn trigger a response from the devices, and these ARP replies then keep the switch's CAM tables populated.
answered Dec 5 at 7:30
Marc 'netztier' Luethi
2,989319
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "496"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fnetworkengineering.stackexchange.com%2fquestions%2f55206%2fsingle-command-to-gather-mac-addresses-of-connected-devices-to-switch%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
6
down vote
accepted
EDIT:
To actually answer the question: show mac-address-table or show mac address-table (depending on platform and software generation) is the single command to see the MAC address table on a Cisco Switch like the 2960. The fact that the table comes up empty is very probably correct.
Here's why:
MAC address tables (sometimes referred to as CAM tables) are usually dynamic, and their entries are aged out after a given timeout, usually 300 seconds.
An entry is added as soon as an Ethernet frame arrives on a switch port. It's source MAC address is kept and is added to the CAM table and its aging timer starts to decrement.
If connected devices stay silent for more than 300 sec (or the given CAM table aging value), their MAC addresses are removed from the CAM table.
If another device needs to talk to such a dormant peer, the switch will have to perform "unknown unicast flooding" and send the given Ethernet frame out of all ports (more precisely: all active/forwarding ports of the given VLAN). As soon as the device of interest responds with an Ethernet frame, the CAM table is (re)populated instantly with a new entry.
There can be more advanced setups with sticky or static CAM table entries, but that's another story.
This being said...
IF a constantly populated CAM table is a requirement, AND IF the connected devices have no need to be allowed to "sleep" for longer periods of time (for example to save energy), AND IF the scope of interesting devices/table entries covers IPv4 enabled devices, there is one trick that can help a lot without requiring a lot of advanced config:
Many routers (CEF enabled Cisco router definitely do it) do active maintenance of their ARP cache, but have a default ARP timeout of 4hours. By lowering their ARP timeout to some value lower than 300sec (which does little to no harm), the router will re-query the entries in its ARP cache, shortly before they expire. That will in turn trigger a response from the devices, and these ARP replies then keep the switch's CAM tables populated.
answered Dec 5 at 7:30
Marc 'netztier' Luethi
2,989319
add a comment |
up vote
6
down vote
accepted
EDIT:
To actually answer the question: show mac-address-table or show mac address-table (depending on platform and software generation) is the single command to see the MAC address table on a Cisco Switch like the 2960. The fact that the table comes up empty is very probably correct.
Here's why:
MAC address tables (sometimes referred to as CAM tables) are usually dynamic, and their entries are aged out after a given timeout, usually 300 seconds.
An entry is added as soon as an Ethernet frame arrives on a switch port. It's source MAC address is kept and is added to the CAM table and its aging timer starts to decrement.
If connected devices stay silent for more than 300 sec (or the given CAM table aging value), their MAC addresses are removed from the CAM table.
If another device needs to talk to such a dormant peer, the switch will have to perform "unknown unicast flooding" and send the given Ethernet frame out of all ports (more precisely: all active/forwarding ports of the given VLAN). As soon as the device of interest responds with an Ethernet frame, the CAM table is (re)populated instantly with a new entry.
There can be more advanced setups with sticky or static CAM table entries, but that's another story.
This being said...
IF a constantly populated CAM table is a requirement, AND IF the connected devices have no need to be allowed to "sleep" for longer periods of time (for example to save energy), AND IF the scope of interesting devices/table entries covers IPv4 enabled devices, there is one trick that can help a lot without requiring a lot of advanced config:
Many routers (CEF enabled Cisco router definitely do it) do active maintenance of their ARP cache, but have a default ARP timeout of 4hours. By lowering their ARP timeout to some value lower than 300sec (which does little to no harm), the router will re-query the entries in its ARP cache, shortly before they expire. That will in turn trigger a response from the devices, and these ARP replies then keep the switch's CAM tables populated.
answered Dec 5 at 7:30
Marc 'netztier' Luethi
2,989319
add a comment |
up vote
6
down vote
accepted
up vote
6
down vote
accepted
EDIT:
To actually answer the question: show mac-address-table or show mac address-table (depending on platform and software generation) is the single command to see the MAC address table on a Cisco Switch like the 2960. The fact that the table comes up empty is very probably correct.
Here's why:
MAC address tables (sometimes referred to as CAM tables) are usually dynamic, and their entries are aged out after a given timeout, usually 300 seconds.
An entry is added as soon as an Ethernet frame arrives on a switch port. It's source MAC address is kept and is added to the CAM table and its aging timer starts to decrement.
If connected devices stay silent for more than 300 sec (or the given CAM table aging value), their MAC addresses are removed from the CAM table.
If another device needs to talk to such a dormant peer, the switch will have to perform "unknown unicast flooding" and send the given Ethernet frame out of all ports (more precisely: all active/forwarding ports of the given VLAN). As soon as the device of interest responds with an Ethernet frame, the CAM table is (re)populated instantly with a new entry.
There can be more advanced setups with sticky or static CAM table entries, but that's another story.
This being said...
IF a constantly populated CAM table is a requirement, AND IF the connected devices have no need to be allowed to "sleep" for longer periods of time (for example to save energy), AND IF the scope of interesting devices/table entries covers IPv4 enabled devices, there is one trick that can help a lot without requiring a lot of advanced config:
Many routers (CEF enabled Cisco router definitely do it) do active maintenance of their ARP cache, but have a default ARP timeout of 4hours. By lowering their ARP timeout to some value lower than 300sec (which does little to no harm), the router will re-query the entries in its ARP cache, shortly before they expire. That will in turn trigger a response from the devices, and these ARP replies then keep the switch's CAM tables populated.
answered Dec 5 at 7:30
Marc 'netztier' Luethi
2,989319
EDIT:
To actually answer the question: show mac-address-table or show mac address-table (depending on platform and software generation) is the single command to see the MAC address table on a Cisco Switch like the 2960. The fact that the table comes up empty is very probably correct.
Here's why:
MAC address tables (sometimes referred to as CAM tables) are usually dynamic, and their entries are aged out after a given timeout, usually 300 seconds.
An entry is added as soon as an Ethernet frame arrives on a switch port. It's source MAC address is kept and is added to the CAM table and its aging timer starts to decrement.
If connected devices stay silent for more than 300 sec (or the given CAM table aging value), their MAC addresses are removed from the CAM table.
If another device needs to talk to such a dormant peer, the switch will have to perform "unknown unicast flooding" and send the given Ethernet frame out of all ports (more precisely: all active/forwarding ports of the given VLAN). As soon as the device of interest responds with an Ethernet frame, the CAM table is (re)populated instantly with a new entry.
There can be more advanced setups with sticky or static CAM table entries, but that's another story.
This being said...
IF a constantly populated CAM table is a requirement, AND IF the connected devices have no need to be allowed to "sleep" for longer periods of time (for example to save energy), AND IF the scope of interesting devices/table entries covers IPv4 enabled devices, there is one trick that can help a lot without requiring a lot of advanced config:
Many routers (CEF enabled Cisco router definitely do it) do active maintenance of their ARP cache, but have a default ARP timeout of 4hours. By lowering their ARP timeout to some value lower than 300sec (which does little to no harm), the router will re-query the entries in its ARP cache, shortly before they expire. That will in turn trigger a response from the devices, and these ARP replies then keep the switch's CAM tables populated.
answered Dec 5 at 7:30
Marc 'netztier' Luethi
2,989319
edited Dec 5 at 7:53
answered Dec 5 at 7:30
Marc 'netztier' Luethi
2,989319
answered Dec 5 at 7:30
Marc 'netztier' Luethi
2,989319
answered Dec 5 at 7:30
Marc 'netztier' Luethi
2,989319
2,989319
add a comment |
add a comment |
Thanks for contributing an answer to Network Engineering Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fnetworkengineering.stackexchange.com%2fquestions%2f55206%2fsingle-command-to-gather-mac-addresses-of-connected-devices-to-switch%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
I'd also send a ping to
ff02::1in case there are devices which don't respond to192.168.1.255. Of course it still won't guarantee to reach all devices, and there really isn't any way to force an unknown device to send a packet.– kasperd
Dec 5 at 12:26