• How to Automate MAC Address Lookups

Print Friendly, PDF & Email


MAC addresses are often overlooked, compared to higher layers of the OSI model, but they are a necessity in the transfer of data across the network. MAC addresses are unique in nature, with the vendor OUI portion of the MAC, and the client portion of the MAC. There are many reasons why locating a device is necessary, a few of them are:

  • A device is causing adverse affects to the network and the port needs to be shutdown
  • A port needs to be re-configured for a new device, but it is not known where the device is connected to on the network
  • Troubleshooting session to narrow down a user’s location


One struggle that many network operators face is trying to locate a MAC address within an environment. The complexity of the search varies based on the environment, if its an enterprise with many IDF closets, data center, etc.  The traditional method for locating a MAC address is the ‘Switch-Hopping’ approach. This can be time consuming with each new SSH session into a switch, querying based off the MAC address, and determining if the port identified is the host port.  

EOS Locate MAC

In an environment that leverages Arista’s EOS and eAPI, searching for a MAC address can be completed within seconds from a single switch. This can be accomplished by uploading a Python script, located on GitHub Eos-LocateMac, to a switch and creating an alias. By leveraging this script, eAPI, and LLDP, a user can perform a MAC lookup based on the full or a portion of the MAC address.   


In order to utilize this script to its fullest potential, the following protocols and features will need to be enabled on all Arista switches within the environment.  This script leverages LLDP to find neighboring Arista switches to query for MAC address, so it is important that LLDP is enabled.  For the switches to be queried for MAC addresses, eAPI will need to be enabled as well.  To enable eAPI see the commands below:

Arista(config)#management api http-commands
Arista(config-mgmt-api-http-cmds)#no shutdown

Download the script from https://github.com/networkRob/eos-locateMac

The script locateMac.py will need to be updated with proper authentication credentials so it can query each switch in the environment.  As a note, this script assumes that the service account used has access to each switch within the environment.  Line #’s 50 & 51 declare the username and password variables used or the script.  Update these values with the proper credentials this example uses ‘arista’/’arista’:

switch_username = 'arista'
switch_password = 'arista'

Next, the Python script will need to be uploaded to any switch where a query will be initiated.  As a note, this Python script is not needed on every switch in the environment.  Only the switch or Arista EOS device that will run the command.  Copy the locateMac.py file to the /mnt/flash/ directory of the switch via USB, SCP, SFTP, etc.  Only files in this directory will survive a reload of the switch, so it is important to place any files here.

Creating an alias is straightforward in EOS.  Below are the commands to register an alias to the locateMac.py script.

Arista(config)#alias findmac bash /mnt/flash/locateMac.py %1

The name of the alias can be different than shown above. To understand what is happening in the alias command above, the command is telling EOS to run a bash command.  This bash command will execute the locateMac.py script, and that an additional parameter will be passed with the alias call.

At this point, the script is ready to be used within the environment.


This example will consist of a L2 leaf spine topology, with LM-SW01 and LM-SW02 in a L2 MLAG pair, LM-SW03 connected to LM-SW01, LM-SW04 connected to LM-SW02, and finally the host LM-Host01 connected to LM-SW03.

This example will be performed from LM-SW04, and will demonstrate how the switch will return the switch, port, and VLAN for the queried MAC address.  Only a portion of the MAC address for LM-Host01 will be queried.

LM-SW04#findmac b660

MAC Address         Hostname            Interface           VLAN                Status
------------------  ---------           ----------          ---------           ---------
00:0c:29:fb:b6:60   LM-SW03             Ethernet3           21                  Found

This tool will return results on any MAC address within the environment that matches the query string, if a portion of the MAC address is given.  In the results, it reports back on the full MAC, the device that owns the host port, the interface that the host is connected to, which VLAN it is associated with, and if the MAC was found.  


Get every new post on this blog delivered to your Inbox.

Join other followers: