How to Identify What Is Connected to a Network Switch
In a well-organized networking department, documentation should exist to allow any network engineer to quickly look up those devices that are connected to each switch port throughout the organization. There are a number of different software options that help in the process of mapping these various devices to switch ports. When used, the likelihood of error on documentation can be reduced, and switchport connections can be easily verified dynamically whenever the engineers have a need for the information.
But what happens if you are in one of those organizations that are not very, well… organized? Or what if you are a consultant who has been brought in to fix a problem in one of these types of organizations? Today I’ll review the available switch port mapping software options and the available alternatives that exist on Cisco equipment when these software options are not in place.
Switch Port Mapping Software and SNMP
There are a number of different products that exist which provide an accurate mapping of the devices that connect to each switch port. Sometimes this information is limited to MAC address(es) only, and sometimes it can be very detailed depending on the specific configuration of the connected device. Most of these programs take advantage of the Simple Network Management Protocol (SNMP) and its query mechanisms and some even provide the ability to alter switchport status and configuration if needed. Here are some of the most noteworthy products.
Managed Switch Port Mapping Tool – Of the available switchport mapping tools that were found, the most comprehensive and easy to use was the Managed Switch Port Mapping Tool by Northwest Performance Software. With minimal SNMP access (Read-Only), this software provides an easy-to-read sheet that includes interface type, name, speed, duplex, Virtual LAN (VLAN), switchport status, MAC address, MAC addresses of those devices which are connected off of each switch port, Cisco Discovery Protocol (CDP) information for supporting connected devices, Link Layer Discovery Protocol (LLDP) (802.1AB) information for supporting connected devices among other customizable queried information.
The Managed Switch Port Mapping Tool by Northwest Performance Software
A standalone copy costs $199, and it can be bundled with the companion NetScanTools package, which offers a number of different network mapping and scanning tools for various device types. Management Switch Port Mapping Tool, along with NetDB (mentioned next), are the only two packages that were stand-alone and specific to switch port mapping.
Network Tracking Database (NetDB) – The Network Tracking Database tool is an open-source Linux-based tool that can be used along with a web server engine to scan the switches on a network and record information into a database. While this tool does require some amount of Linux CLI knowledge, it is free and, as it is open source, it can be modified to meet the exact needs of the user. Unlike all of the other tools mentioned in this article, NetDB does not use SNMP as its query mechanism instead using device CLI logging capabilities. Most of the information that is base information that can be retrieved is similar to that of the Management Switch Port Mapping Tool mentioned above but in a less easy-to-look-at format. NetDB, along with the Management Switch Port Mapping Tool, are the only two packages that were stand-alone and specific to switchport mapping.
OpUtils – ManageEngine’s OpUtils is not specific to switchport management. It provides a number of different features that can help with the management of a network, including IP address management, switch port management (SNMP), device configuration management, and bandwidth monitoring, as well as several networking tools that can be used to monitor and troubleshoot the network. While the OpUtils interface is cleaner and more graphical than the previous two options, it also is lacking in its full support of CDP and LLDP, both which can provide network discovery enhancement.
A free version of OpUtils exists with some limited functionality. Standard and professional editions are available with the professional edition going for $295 per license (250 switchports and IP addresses) and an Annual Maintenance license is also available for a yearly fee of $59.
Lansweeper – The Lansweeper package is focused on network inventory and provides a number of different functionalities that make the management of all network elements across the network much easier, including support for everything from printers to servers. However, if we focus just on Lansweeper’s support for switch port mapping, the output is limited compared with a program like the Management Switch Port Mapping Tool. The real question is what the specific purpose of the tool is: If the main purpose is to get as much information about those devices connected to a switch as possible, then Lansweeper may come up light.
A standard version copy of Lansweeper is $250 for up to 250 clients with additional options for premium and enterprise customers.
Built-in Cisco Alternatives
While all of the tools referenced above have their specific advantages and disadvantages, one thing that is constant: All of them query information from the switching device itself, either through SNMP or the CLI. Almost all of the information that is displayed in these programs can be found from the CLI (at least on Cisco equipment).
show cdp – The Cisco Discovery Protocol (CDP) is a powerful layer 2 discovery protocol that is enabled on Cisco devices by default. While there are security concerns that come with the use of CDP, its benefits for network discovery cannot be challenged. It provides an easy mechanism that provides a list of connected (CDP supported) devices, their capabilities and how they are connected. Generally speaking CDP is supported on only Cisco devices and a few other supporting devices.
show lddp – The Link Layer Discovery Protocol (LLDP) gives very similar output to that available through CDP, but is standard based (802.1AB); because of this it should be supported across multiple networking vendors. Cisco devices support LLDP, but it is not enabled by default like CDP (lldp run). However, like CDP there are some inherent security concerns for its use globally.
show ip arp – The Address Resolution Protocol (ARP) is used on Ethernet networks to map Ethernet MAC addresses to IP addresses. The information from the ARP table can be displayed and used to determine those devices connected off a specific interface. Keep in mind, however, that the ARP table will only show those devices that have transmitted traffic recently (within four hours).
show mac address-table – The MAC address table (also referred to as the “cam table”) is used on a switch to map specific MAC addresses to specific switch ports. The caveat to using this table for mapping is that it only populates when traffic is received from a device, and it is only kept within the table for five minutes from the last seen transmission.
When troubleshooting any network problem (or frankly any problem) the more information that can be known up front can make the solution much easier to find. When troubleshooting switch port problems, the knowledge of what switch port is connected to which devices and what the specific configuration is (or should be) is vital to the quick determination of the problem. Hopefully one or more of the tools or commands described in this article can help in this process.