Problem : How to get on which Cisco Switch Port the Windows Server is connected
Environment : Windows Server 2003 / 2008 / 2012 (With all revisions), Cisco Switching Landscape for Network
Solution :
In our scenario, we have tough time to get the which server is connected on which port of the Cisco Switch. We have to trace it manually or by running some commands on Cisco switch.
What if you dont have to goto Network team for getting the desired data. And yes, this is possible using only two tools.
With the help of Cisco Discovery Protocol, we can get the information which we require.
You need following tools to get your solution
Website Link : http://www.winpcap.org/windump/install/
Tool 1 : http://www.winpcap.org/install/bin/WinPcap_4_1_3.exe
Tool 2 : http://www.winpcap.org/windump/install/bin/windump_3_9_5/WinDump.exe
Steps :
1) Get the tool WinPcap installed on the server of which you need theinformation
2) Copy Windump.exe too on the same server.
3) Open command prompt and run the below commands to find out which NICs are being used :
D:\Softwares>WinDump.exe -D
1.\Device\NPF_{DE4A706A-7211-48B7-B48F-5D9ACBBD5BD8} (Microsoft)
2.\Device\NPF_{5F6BF467-20A0-4A4D-AD69-EA627FA97FCA} (Broadcom L2 NDIS client driver)
3.\Device\NPF_{9E039A06-2207-44F0-B916-B8A9D0C8DE57} (Broadcom L2 NDIS client driver)
4.\Device\NPF_{F93A488D-6FB9-4069-BF74-2210120088ED} (Broadcom L2 NDIS client driver)
5.\Device\NPF_{587BD189-1FDC-48D4-94E8-C03606950A75} (Broadcom L2 NDIS client driver)
4) Run following commands to get the data:
WinDump.exe -nn -v -i \Device\NPF_{DE4A706A-7211-48B7-B48F-5D9ACBBD5BD8} -s 1500 -c 1 "ether[20:2] == 0x2000"
WinDump.exe -nn -v -i \Device\NPF_{5F6BF467-20A0-4A4D-AD69-EA627FA97FCA} -s 1500 -c 1 "ether[20:2] == 0x2000"
WinDump.exe -nn -v -i \Device\NPF_{9E039A06-2207-44F0-B916-B8A9D0C8DE57} -s 1500 -c 1 "ether[20:2] == 0x2000"
WinDump.exe -nn -v -i \Device\NPF_{F93A488D-6FB9-4069-BF74-2210120088ED} -s 1500 -c 1 "ether[20:2] == 0x2000"
WinDump.exe -nn -v -i \Device\NPF_{587BD189-1FDC-48D4-94E8-C03606950A75} -s 1500 -c 1 "ether[20:2] == 0x2000"
D:\Softwares>WinDump.exe -nn -v -i \Device\NPF_{DE4A706A-7211-48B7-B48F-5D9ACBBD5BD8} -s 1500 -c 1 "ether[20:2] == 0x2000"
WinDump.exe: listening on \Device\NPF_{DE4A706A-7211-48B7-B48F-5D9ACBBD5BD8}
10:57:59.174135 CDPv2, ttl: 180s, checksum: 692 (unverified), length 357
Device-ID (0x01), length: 3 bytes: 'A1'
Version String (0x05), length: 187 bytes:
Cisco IOS Software, C3750 Software (C3750-IPSERVICES-M), Version 12.2(25)SEB2, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2005 by Cisco Systems, Inc.
Compiled Wed 08-Jun-05 01:19 by yenanh
Platform (0x06), length: 20 bytes: 'cisco WS-C3750G-16TD'
Address (0x02), length: 13 bytes: IPv4 (1) XXX.XX.X.XX
Port-ID (0x03), length: 21 bytes: 'GigabitEthernet3/0/17'
Capability (0x04), length: 4 bytes: (0x00000029): Router, L2 Switch, IGMP snooping
Protocol-Hello option (0x08), length: 32 bytes:
VTP Management Domain (0x09), length: 3 bytes: 'EPC'
Native VLAN ID (0x0a), length: 2 bytes: 5
Duplex (0x0b), length: 1 byte: full
AVVID trust bitmap (0x12), length: 1 byte: 0x00
AVVID untrusted ports CoS (0x13), length: 1 byte: 0x00
Management Addresses (0x16), length: 13 bytes: IPv4 (1) XXX.XX.X.XX
1 packets captured
951404 packets received by filter
0 packets dropped by kernel
D:\Softwares>WinDump.exe -nn -v -i \Device\NPF_{5F6BF467-20A0-4A4D-AD69-EA627FA9
7FCA} -s 1500 -c 1 "ether[20:2] == 0x2000"
WinDump.exe: listening on \Device\NPF_{5F6BF467-20A0-4A4D-AD69-EA627FA97FCA}
10:58:59.176044 CDPv2, ttl: 180s, checksum: 692 (unverified), length 357
Device-ID (0x01), length: 3 bytes: 'A1'
Version String (0x05), length: 187 bytes:
Cisco IOS Software, C3750 Software (C3750-IPSERVICES-M), Version 12.2(25)SEB2, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2005 by Cisco Systems, Inc.
Compiled Wed 08-Jun-05 01:19 by yenanh
Platform (0x06), length: 20 bytes: 'cisco WS-C3750G-16TD'
Address (0x02), length: 13 bytes: IPv4 (1) XXX.XX.X.XX
Port-ID (0x03), length: 21 bytes: 'GigabitEthernet3/0/17'
Capability (0x04), length: 4 bytes: (0x00000029): Router, L2 Switch, IGMP snooping
Protocol-Hello option (0x08), length: 32 bytes:
VTP Management Domain (0x09), length: 3 bytes: 'EPC'
Native VLAN ID (0x0a), length: 2 bytes: 5
Duplex (0x0b), length: 1 byte: full
AVVID trust bitmap (0x12), length: 1 byte: 0x00
AVVID untrusted ports CoS (0x13), length: 1 byte: 0x00
Management Addresses (0x16), length: 13 bytes: IPv4 (1) XXX.XX.X.XX
1 packets captured
329579 packets received by filter
0 packets dropped by kernel
D:\Softwares>WinDump.exe -nn -v -i \Device\NPF_{9E039A06-2207-44F0-B916-B8A9D0C8DE57} -s 1500 -c 1 "ether[20:2] == 0x2000"
WinDump.exe: listening on \Device\NPF_{9E039A06-2207-44F0-B916-B8A9D0C8DE57}
10:59:06.868032 CDPv2, ttl: 180s, checksum: 692 (unverified), length 357
Device-ID (0x01), length: 3 bytes: 'A1'
Version String (0x05), length: 187 bytes:
Cisco IOS Software, C3750 Software (C3750-IPSERVICES-M), Version 12.2(25)SEB2, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2005 by Cisco Systems, Inc.
Compiled Wed 08-Jun-05 01:19 by yenanh
Platform (0x06), length: 20 bytes: 'cisco WS-C3750G-16TD'
Address (0x02), length: 13 bytes: IPv4 (1) XXX.XX.X.XX
Port-ID (0x03), length: 21 bytes: 'GigabitEthernet3/0/20'
Capability (0x04), length: 4 bytes: (0x00000029): Router, L2 Switch, IGMP snooping
Protocol-Hello option (0x08), length: 32 bytes:
VTP Management Domain (0x09), length: 3 bytes: 'CCC'
Native VLAN ID (0x0a), length: 2 bytes: 5
Duplex (0x0b), length: 1 byte: full
AVVID trust bitmap (0x12), length: 1 byte: 0x00
AVVID untrusted ports CoS (0x13), length: 1 byte: 0x00
Management Addresses (0x16), length: 13 bytes: IPv4 (1) XXX.XX.X.XX
1 packets captured
378 packets received by filter
0 packets dropped by kernel
D:\Softwares>WinDump.exe -nn -v -i \Device\NPF_{F93A488D-6FB9-4069-BF74-2210120088ED} -s 1500 -c 1 "ether[20:2] == 0x2000"
WinDump.exe: listening on \Device\NPF_{F93A488D-6FB9-4069-BF74-2210120088ED}
10:59:23.290285 CDPv2, ttl: 180s, checksum: 692 (unverified), length 353
Device-ID (0x01), length: 3 bytes: 'A2'
Version String (0x05), length: 183 bytes:
Cisco IOS Software, C3750 Software (C3750-IPBASE-M), Version 12.2(25)SEB2, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2005 by Cisco Systems, Inc.
Compiled Wed 08-Jun-05 01:19 by yenanh
Platform (0x06), length: 20 bytes: 'cisco WS-C3750G-16TD'
Address (0x02), length: 13 bytes: IPv4 (1) XXX.XX.X.XX
Port-ID (0x03), length: 21 bytes: 'GigabitEthernet3/0/17'
Capability (0x04), length: 4 bytes: (0x00000029): Router, L2 Switch, IGMP snooping
Protocol-Hello option (0x08), length: 32 bytes:
VTP Management Domain (0x09), length: 3 bytes: 'CCC'
Native VLAN ID (0x0a), length: 2 bytes: 5
Duplex (0x0b), length: 1 byte: full
AVVID trust bitmap (0x12), length: 1 byte: 0x00
AVVID untrusted ports CoS (0x13), length: 1 byte: 0x00
Management Addresses (0x16), length: 13 bytes: IPv4 (1) XXX.XX.X.XX
1 packets captured
50844 packets received by filter
0 packets dropped by kernel
D:\Softwares>WinDump.exe -nn -v -i \Device\NPF_{587BD189-1FDC-48D4-94E8-C03606950A75} -s 1500 -c 1 "ether[20:2] == 0x2000"
WinDump.exe: listening on \Device\NPF_{587BD189-1FDC-48D4-94E8-C03606950A75}
11:00:11.087081 CDPv2, ttl: 180s, checksum: 692 (unverified), length 353
Device-ID (0x01), length: 3 bytes: 'A2'
Version String (0x05), length: 183 bytes:
Cisco IOS Software, C3750 Software (C3750-IPBASE-M), Version 12.2(25)SEB2, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2005 by Cisco Systems, Inc.
Compiled Wed 08-Jun-05 01:19 by yenanh
Platform (0x06), length: 20 bytes: 'cisco WS-C3750G-16TD'
Address (0x02), length: 13 bytes: IPv4 (1) XXX.XX.X.XX
Port-ID (0x03), length: 21 bytes: 'GigabitEthernet3/0/13'
Capability (0x04), length: 4 bytes: (0x00000029): Router, L2 Switch, IGMP snooping
Protocol-Hello option (0x08), length: 32 bytes:
VTP Management Domain (0x09), length: 3 bytes: 'CCC'
Native VLAN ID (0x0a), length: 2 bytes: 5
Duplex (0x0b), length: 1 byte: full
AVVID trust bitmap (0x12), length: 1 byte: 0x00
AVVID untrusted ports CoS (0x13), length: 1 byte: 0x00
Management Addresses (0x16), length: 13 bytes: IPv4 (1) XXX.XX.X.XX
1 packets captured
2884594 packets received by filter
0 packets dropped by kernel
Environment : Windows Server 2003 / 2008 / 2012 (With all revisions), Cisco Switching Landscape for Network
Solution :
In our scenario, we have tough time to get the which server is connected on which port of the Cisco Switch. We have to trace it manually or by running some commands on Cisco switch.
What if you dont have to goto Network team for getting the desired data. And yes, this is possible using only two tools.
With the help of Cisco Discovery Protocol, we can get the information which we require.
You need following tools to get your solution
Website Link : http://www.winpcap.org/windump/install/
Tool 1 : http://www.winpcap.org/install/bin/WinPcap_4_1_3.exe
Tool 2 : http://www.winpcap.org/windump/install/bin/windump_3_9_5/WinDump.exe
Steps :
1) Get the tool WinPcap installed on the server of which you need theinformation
2) Copy Windump.exe too on the same server.
3) Open command prompt and run the below commands to find out which NICs are being used :
D:\Softwares>WinDump.exe -D
1.\Device\NPF_{DE4A706A-7211-48B7-B48F-5D9ACBBD5BD8} (Microsoft)
2.\Device\NPF_{5F6BF467-20A0-4A4D-AD69-EA627FA97FCA} (Broadcom L2 NDIS client driver)
3.\Device\NPF_{9E039A06-2207-44F0-B916-B8A9D0C8DE57} (Broadcom L2 NDIS client driver)
4.\Device\NPF_{F93A488D-6FB9-4069-BF74-2210120088ED} (Broadcom L2 NDIS client driver)
5.\Device\NPF_{587BD189-1FDC-48D4-94E8-C03606950A75} (Broadcom L2 NDIS client driver)
4) Run following commands to get the data:
WinDump.exe -nn -v -i \Device\NPF_{DE4A706A-7211-48B7-B48F-5D9ACBBD5BD8} -s 1500 -c 1 "ether[20:2] == 0x2000"
WinDump.exe -nn -v -i \Device\NPF_{5F6BF467-20A0-4A4D-AD69-EA627FA97FCA} -s 1500 -c 1 "ether[20:2] == 0x2000"
WinDump.exe -nn -v -i \Device\NPF_{9E039A06-2207-44F0-B916-B8A9D0C8DE57} -s 1500 -c 1 "ether[20:2] == 0x2000"
WinDump.exe -nn -v -i \Device\NPF_{F93A488D-6FB9-4069-BF74-2210120088ED} -s 1500 -c 1 "ether[20:2] == 0x2000"
WinDump.exe -nn -v -i \Device\NPF_{587BD189-1FDC-48D4-94E8-C03606950A75} -s 1500 -c 1 "ether[20:2] == 0x2000"
D:\Softwares>WinDump.exe -nn -v -i \Device\NPF_{DE4A706A-7211-48B7-B48F-5D9ACBBD5BD8} -s 1500 -c 1 "ether[20:2] == 0x2000"
WinDump.exe: listening on \Device\NPF_{DE4A706A-7211-48B7-B48F-5D9ACBBD5BD8}
10:57:59.174135 CDPv2, ttl: 180s, checksum: 692 (unverified), length 357
Device-ID (0x01), length: 3 bytes: 'A1'
Version String (0x05), length: 187 bytes:
Cisco IOS Software, C3750 Software (C3750-IPSERVICES-M), Version 12.2(25)SEB2, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2005 by Cisco Systems, Inc.
Compiled Wed 08-Jun-05 01:19 by yenanh
Platform (0x06), length: 20 bytes: 'cisco WS-C3750G-16TD'
Address (0x02), length: 13 bytes: IPv4 (1) XXX.XX.X.XX
Port-ID (0x03), length: 21 bytes: 'GigabitEthernet3/0/17'
Capability (0x04), length: 4 bytes: (0x00000029): Router, L2 Switch, IGMP snooping
Protocol-Hello option (0x08), length: 32 bytes:
VTP Management Domain (0x09), length: 3 bytes: 'EPC'
Native VLAN ID (0x0a), length: 2 bytes: 5
Duplex (0x0b), length: 1 byte: full
AVVID trust bitmap (0x12), length: 1 byte: 0x00
AVVID untrusted ports CoS (0x13), length: 1 byte: 0x00
Management Addresses (0x16), length: 13 bytes: IPv4 (1) XXX.XX.X.XX
1 packets captured
951404 packets received by filter
0 packets dropped by kernel
D:\Softwares>WinDump.exe -nn -v -i \Device\NPF_{5F6BF467-20A0-4A4D-AD69-EA627FA9
7FCA} -s 1500 -c 1 "ether[20:2] == 0x2000"
WinDump.exe: listening on \Device\NPF_{5F6BF467-20A0-4A4D-AD69-EA627FA97FCA}
10:58:59.176044 CDPv2, ttl: 180s, checksum: 692 (unverified), length 357
Device-ID (0x01), length: 3 bytes: 'A1'
Version String (0x05), length: 187 bytes:
Cisco IOS Software, C3750 Software (C3750-IPSERVICES-M), Version 12.2(25)SEB2, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2005 by Cisco Systems, Inc.
Compiled Wed 08-Jun-05 01:19 by yenanh
Platform (0x06), length: 20 bytes: 'cisco WS-C3750G-16TD'
Address (0x02), length: 13 bytes: IPv4 (1) XXX.XX.X.XX
Port-ID (0x03), length: 21 bytes: 'GigabitEthernet3/0/17'
Capability (0x04), length: 4 bytes: (0x00000029): Router, L2 Switch, IGMP snooping
Protocol-Hello option (0x08), length: 32 bytes:
VTP Management Domain (0x09), length: 3 bytes: 'EPC'
Native VLAN ID (0x0a), length: 2 bytes: 5
Duplex (0x0b), length: 1 byte: full
AVVID trust bitmap (0x12), length: 1 byte: 0x00
AVVID untrusted ports CoS (0x13), length: 1 byte: 0x00
Management Addresses (0x16), length: 13 bytes: IPv4 (1) XXX.XX.X.XX
1 packets captured
329579 packets received by filter
0 packets dropped by kernel
D:\Softwares>WinDump.exe -nn -v -i \Device\NPF_{9E039A06-2207-44F0-B916-B8A9D0C8DE57} -s 1500 -c 1 "ether[20:2] == 0x2000"
WinDump.exe: listening on \Device\NPF_{9E039A06-2207-44F0-B916-B8A9D0C8DE57}
10:59:06.868032 CDPv2, ttl: 180s, checksum: 692 (unverified), length 357
Device-ID (0x01), length: 3 bytes: 'A1'
Version String (0x05), length: 187 bytes:
Cisco IOS Software, C3750 Software (C3750-IPSERVICES-M), Version 12.2(25)SEB2, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2005 by Cisco Systems, Inc.
Compiled Wed 08-Jun-05 01:19 by yenanh
Platform (0x06), length: 20 bytes: 'cisco WS-C3750G-16TD'
Address (0x02), length: 13 bytes: IPv4 (1) XXX.XX.X.XX
Port-ID (0x03), length: 21 bytes: 'GigabitEthernet3/0/20'
Capability (0x04), length: 4 bytes: (0x00000029): Router, L2 Switch, IGMP snooping
Protocol-Hello option (0x08), length: 32 bytes:
VTP Management Domain (0x09), length: 3 bytes: 'CCC'
Native VLAN ID (0x0a), length: 2 bytes: 5
Duplex (0x0b), length: 1 byte: full
AVVID trust bitmap (0x12), length: 1 byte: 0x00
AVVID untrusted ports CoS (0x13), length: 1 byte: 0x00
Management Addresses (0x16), length: 13 bytes: IPv4 (1) XXX.XX.X.XX
1 packets captured
378 packets received by filter
0 packets dropped by kernel
D:\Softwares>WinDump.exe -nn -v -i \Device\NPF_{F93A488D-6FB9-4069-BF74-2210120088ED} -s 1500 -c 1 "ether[20:2] == 0x2000"
WinDump.exe: listening on \Device\NPF_{F93A488D-6FB9-4069-BF74-2210120088ED}
10:59:23.290285 CDPv2, ttl: 180s, checksum: 692 (unverified), length 353
Device-ID (0x01), length: 3 bytes: 'A2'
Version String (0x05), length: 183 bytes:
Cisco IOS Software, C3750 Software (C3750-IPBASE-M), Version 12.2(25)SEB2, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2005 by Cisco Systems, Inc.
Compiled Wed 08-Jun-05 01:19 by yenanh
Platform (0x06), length: 20 bytes: 'cisco WS-C3750G-16TD'
Address (0x02), length: 13 bytes: IPv4 (1) XXX.XX.X.XX
Port-ID (0x03), length: 21 bytes: 'GigabitEthernet3/0/17'
Capability (0x04), length: 4 bytes: (0x00000029): Router, L2 Switch, IGMP snooping
Protocol-Hello option (0x08), length: 32 bytes:
VTP Management Domain (0x09), length: 3 bytes: 'CCC'
Native VLAN ID (0x0a), length: 2 bytes: 5
Duplex (0x0b), length: 1 byte: full
AVVID trust bitmap (0x12), length: 1 byte: 0x00
AVVID untrusted ports CoS (0x13), length: 1 byte: 0x00
Management Addresses (0x16), length: 13 bytes: IPv4 (1) XXX.XX.X.XX
1 packets captured
50844 packets received by filter
0 packets dropped by kernel
D:\Softwares>WinDump.exe -nn -v -i \Device\NPF_{587BD189-1FDC-48D4-94E8-C03606950A75} -s 1500 -c 1 "ether[20:2] == 0x2000"
WinDump.exe: listening on \Device\NPF_{587BD189-1FDC-48D4-94E8-C03606950A75}
11:00:11.087081 CDPv2, ttl: 180s, checksum: 692 (unverified), length 353
Device-ID (0x01), length: 3 bytes: 'A2'
Version String (0x05), length: 183 bytes:
Cisco IOS Software, C3750 Software (C3750-IPBASE-M), Version 12.2(25)SEB2, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2005 by Cisco Systems, Inc.
Compiled Wed 08-Jun-05 01:19 by yenanh
Platform (0x06), length: 20 bytes: 'cisco WS-C3750G-16TD'
Address (0x02), length: 13 bytes: IPv4 (1) XXX.XX.X.XX
Port-ID (0x03), length: 21 bytes: 'GigabitEthernet3/0/13'
Capability (0x04), length: 4 bytes: (0x00000029): Router, L2 Switch, IGMP snooping
Protocol-Hello option (0x08), length: 32 bytes:
VTP Management Domain (0x09), length: 3 bytes: 'CCC'
Native VLAN ID (0x0a), length: 2 bytes: 5
Duplex (0x0b), length: 1 byte: full
AVVID trust bitmap (0x12), length: 1 byte: 0x00
AVVID untrusted ports CoS (0x13), length: 1 byte: 0x00
Management Addresses (0x16), length: 13 bytes: IPv4 (1) XXX.XX.X.XX
1 packets captured
2884594 packets received by filter
0 packets dropped by kernel
No comments:
Post a Comment