Posted on August 19, 2015 2:49 pm
 |  Asked by Ronald David Hurtado Ulfe
 |  2323 views
« Back to Previous Page
0
0
Print Friendly, PDF & Email

If we have one switch doing intervlan routing and then we extend the vlans using trunk to many arista switches having a tree topology. We can enable CVX in the switch doing intervlan routing working as CVX server for all the switches.

Can CVX help us to discover ip address and mac connected to each port of all the switches working in this toplogy?

For example we may get the next result asking the CVX server. How can we do this?

switchA

vlan 1001 port e1 host 192.168.10.8 mac 00:00:00:12:23:34

vlan 1002 port e3 host 192.168.11.7 mac 00:00:00:12:23:35

switchB

vlan 1002 port e10 host 192.168.11.32 mac 00:00:00:12:23:39
0
Posted by Richard
Answered on September 1, 2015 7:31 pm

Hi Ronald,

Can you provide more detail on what you are looking for? Are you simply trying to determine which IPs are mapped to which ports on each switch?

Cheers,
Rich
0
Posted by Ronald David Hurtado Ulfe
Answered on September 2, 2015 5:53 am

Imagine having a lot of switches so instead of doing the search in each switch one by one. Maybe CVX can learn from multiple sysdb of each switch of the topology. How you manage the CVX sysdb to get information from a huge topology?
0
Posted by Juuso Lehtinen
Answered on September 3, 2015 5:59 pm

Hi Ronald,

If I understand correctly, you want to have visibility from a central place to see where each end host in your network is connected (switch name, switch port, vlan) and what is the end host IP/MAC?

I think that the best approach is to write a simple eAPI script that collects some information from switches in your topology:
1. MAC Address Table of each switch, i.e., the output of ’show mac address-table’. This will give you almost all of the info you need: mac address of each end host, switch port, vlan, and switch name where each host is connected
2. ARP table from the root switch (switch where you do inter-vlan routing), i.e., the output of ’show ip arp’. Assuming each end host is sending inter-VLAN traffic, you should have ARP entry for each end host on the root switch. This allows you to print the IP address for each host.
3. Last, you print the mac address table of each switch and in addition to printing the MAC address for each host, you consult the ARP table to print the IP address for each host as well.

Marked as spam
0
Posted by Juuso Lehtinen
Answered on September 3, 2015 6:00 pm

Hi Ronald,

If I understand correctly, you want to have visibility from a central place to see where each end host in your network is connected (switch name, switch port, vlan) and what is the end host IP/MAC?

I think that the best approach is to write a simple eAPI script that collects some information from switches in your topology:
1. MAC Address Table of each switch, i.e., the output of ’show mac address-table’. This will give you almost all of the info you need: mac address of each end host, switch port, vlan, and switch name where each host is connected
2. ARP table from the root switch (switch where you do inter-vlan routing), i.e., the output of ’show ip arp’. Assuming each end host is sending inter-VLAN traffic, you should have ARP entry for each end host on the root switch. This allows you to print the IP address for each host.
3. Last, you print the mac address table of each switch and in addition to printing the MAC address for each host, you consult the ARP table to print the IP address for each host as well.
1
Posted by Juuso Lehtinen
Answered on September 3, 2015 9:14 pm

Here is an example script that collects the MAC address tables from your leaf switches and the ARP table of the root switch:

#!/usr/bin/env python
import pyeapi
import netaddr

# define your topology here. Root is the switch that is doing inter-VLAN routing (has ARP table of all hosts).
root = pyeapi.connect(transport='https',host='rootswitch.example.com')
leaf1 = pyeapi.connect(transport='https',host='leafswitch1.example.com')
leaf2 = pyeapi.connect(transport='https',host='leafswitch2.example.com')
switches = [leaf1, leaf2]

# get ARP table from the root switch
arp = {}
output = root.execute(['show ip arp'])
for line in output['result'][0]['ipV4Neighbors']:
	mac_addr = netaddr.EUI(line['hwAddress'])
	arp[mac_addr] = line['address']


# get MAC address tables from each swtich
for switch in switches:
	print "Switch ", switch
	output = switch.execute(['show mac address-table'])
	for line in output['result'][0]['unicastTable']['tableEntries']:
		mac_addr = netaddr.EUI(line['macAddress'])
		if arp.has_key(mac_addr): 
			print "vlan %s, port %s, host mac %s, host ip %s" % (line['vlanId'], line['interface'], mac_addr, arp[mac_addr])
		else:
			print "vlan %s, port %s, host mac %s, host ip unknown" % (line['vlanId'], line['interface'], mac_addr)

The script prints out information about the connected hosts. If there is no ARP entry for a particular MAC address, the IP address is marked as ’unknown':
Switch EapiConnection(transport=https://leafswitch1.example.com:443//command-api)
vlan 201, port Ethernet1, host mac 00-00-68-3C-FC-33, host ip 10.150.0.101
vlan 201, port Ethernet1, host mac 00-01-05-00-00-01, host ip 10.150.0.110
vlan 201, port Ethernet1, host mac 00-01-05-00-00-02, host ip 10.150.0.111
vlan 201, port Ethernet1, host mac 00-01-05-00-00-03, host ip 10.150.0.112
vlan 201, port Ethernet1, host mac 00-01-05-00-00-04, host ip unknown
vlan 201, port Ethernet1, host mac 00-01-05-00-00-05, host ip 10.150.0.114
vlan 201, port Ethernet1, host mac 00-01-05-00-00-06, host ip 10.150.0.115
vlan 201, port Ethernet1, host mac 00-01-05-00-00-07, host ip 10.150.0.116
vlan 201, port Ethernet1, host mac 00-01-05-00-00-08, host ip unknown
vlan 201, port Ethernet1, host mac 00-01-05-00-00-09, host ip 10.150.0.118
vlan 201, port Ethernet1, host mac 00-01-05-00-00-0A, host ip 10.150.0.119
vlan 201, port Port-Channel1, host mac 00-11-22-33-44-55, host ip unknown
vlan 201, port Port-Channel1, host mac 00-1C-73-36-70-5F, host ip unknown
vlan 201, port Port-Channel1, host mac 00-1C-73-5C-3E-70, host ip 94.1.0.2
vlan 202, port Port-Channel1, host mac 00-11-22-33-44-55, host ip unknown
vlan 202, port Port-Channel1, host mac 00-1C-73-36-70-5F, host ip unknown
vlan 202, port Port-Channel1, host mac 00-1C-73-5C-3E-70, host ip 94.1.0.2
Switch EapiConnection(transport=https://leafswitch2.example.com:443//command-api)
vlan 201, port Port-Channel2, host mac 00-11-22-33-44-55, host ip unknown
vlan 201, port Port-Channel2, host mac 00-1C-73-36-70-5F, host ip unknown
vlan 201, port Port-Channel2, host mac 00-1C-73-5C-3E-70, host ip 94.1.0.2
vlan 202, port Ethernet47, host mac 00-01-08-00-00-01, host ip 10.150.16.130
vlan 202, port Ethernet47, host mac 00-01-08-00-00-02, host ip 10.150.16.131
vlan 202, port Ethernet47, host mac 00-01-08-00-00-03, host ip 10.150.16.132
vlan 202, port Ethernet47, host mac 00-01-08-00-00-04, host ip 10.150.16.133
vlan 202, port Ethernet47, host mac 00-01-08-00-00-05, host ip unknown
vlan 202, port Ethernet47, host mac 00-01-08-00-00-06, host ip 10.150.16.135
vlan 202, port Ethernet47, host mac 00-01-08-00-00-07, host ip 10.150.16.136
vlan 202, port Ethernet47, host mac 00-01-08-00-00-08, host ip 10.150.16.137
vlan 202, port Ethernet47, host mac 00-01-08-00-00-09, host ip unknown
vlan 202, port Ethernet47, host mac 00-01-08-00-00-0A, host ip 10.150.16.139
vlan 202, port Port-Channel2, host mac 00-11-22-33-44-55, host ip unknown
vlan 202, port Port-Channel2, host mac 00-1C-73-36-70-5F, host ip unknown
vlan 202, port Port-Channel2, host mac 00-1C-73-5C-3E-70, host ip 94.1.0.2
0
Posted by Alexis Dacquay
Answered on September 5, 2015 11:37 pm

Ronald,

If all the switches you want to check MAC addresses on are indeed connected to the CVX . But VLAN+LocalPort+MAC+IP is a complete suite of information only known by the individual switches themselves. CVX is only aware about some information (what is needed for VXLAN, VLAN, VNI, LLDP, etc) ARP or VLAN are not part of that information today.

The script provided by Juuso is excellent, as it collects the MAC addresses from all the switches, even those not connected to CVX. You would also get the local port + VLAN + MAC + ARP.

If nonetheless you want to use CVX (for MAC and VNIs only), then you could use ”show service vxlan address-table received

Example:

Arista-CVX#show service vxlan address-table received
 Received Mac Address Table
---------------------------------------------------------------------
Switch Vni Mac Address Vtep Moves
----------------- ----------- ----------------- --------------- -----
00-0c-29-3e-0f-4a 101010 00:0c:29:3e:0f:4a 2.2.2.2 1
00-0c-29-3e-0f-4a 111111 00:0c:29:3e:0f:4a 2.2.2.2 1
00-1c-73-64-e6-6c 101010 00:1c:73:64:e6:6c 3.3.3.3 1
00-1c-73-64-e6-6c 111111 00:1c:73:64:e6:6c 3.3.3.3 1
Total Mac Addresses for this criterion: 4

 

This output can be collected by eAPI. Check the below JSON structure, like many command with the suffix ”| json”, or by checking the GUI EAPI command explorer.

 

Arista-CVX#show service vxlan address-table received | json
{"switches":{"00-0c-29-3e-0f-4a":{"vniInDottedNotation":false,"vnis":[{"macAddress":"00:00:00:00:00:00","vni":101010,"unicastHostTable":[{"macAddr":"00:0c:29:3e:0f:4a","vtepIp":"2.2.2.2","timeLearned":0.000000,"moveCount":1}],"bumVtepListTable":[{"vtepIpListType":"sendToAll","macAddr":"00:00:00:00:00:00","vtepIpList":["2.2.2.2"]}]},{"macAddress":"00:00:00:00:00:00","vni":111111,"unicastHostTable":[{"macAddr":"00:0c:29:3e:0f:4a","vtepIp":"2.2.2.2","timeLearned":0.000000,"moveCount":1}],"bumVtepListTable":[{"vtepIpListType":"sendToAll","macAddr":"00:00:00:00:00:00","vtepIpList":["2.2.2.2"]}]}]},"00-1c-73-64-e6-6c":{"vniInDottedNotation":false,"vnis":[{"macAddress":"00:00:00:00:00:00","vni":101010,"unicastHostTable":[{"macAddr":"00:1c:73:64:e6:6c","vtepIp":"3.3.3.3","timeLearned":0.000000,"moveCount":1}],"bumVtepListTable":[{"vtepIpListType":"sendToAll","macAddr":"00:00:00:00:00:00","vtepIpList":["3.3.3.3"]}]},{"macAddress":"00:00:00:00:00:00","vni":111111,"unicastHostTable":[{"macAddr":"00:1c:73:64:e6:6c","vtepIp":"3.3.3.3","timeLearned":0.000000,"moveCount":1}],"bumVtepListTable":[{"vtepIpListType":"sendToAll","macAddr":"00:00:00:00:00:00","vtepIpList":["3.3.3.3"]}]}]}}}

 

 
« Back to Previous Page

Post your Answer

You must be logged in to post an answer.