Comments (13)
routetehpacketz
commented on August 19, 2024
1
Ah it's a Nexus. Adding functionality for Nexus switches is on the list of to-dos. A Reddit user has been in contact with me recently inquiring when it can be added. I had started working on it this week, but there is more to it than I initially thought. I will change this Issue to reflect a feature request for supporting NX-OS and will try to complete it as soon as I can.
from cisco-ip-trace.
net9000
commented on August 19, 2024
I dl'd your debug script from the closed issue and this is what it returns:
`Do you want to scan a single IP or a range?
1. Single IP
2. Range (must be contiguous; no greater than /24)
Please input 1 or 2: 1
Enter IP address to trace: 192.168.17.20
Enter the IP address of the core router/switch that can ARP for the IP address to trace: 192.168.1.1
Username: admin
Password:
Line 67
term len 0
9300#ping 192.168.17.20 rep 2
Type escape sequence to abort.
Sending 2, 100-byte ICMP Echos to 192.168.17.20, timeout is 2 seconds:
!!
Success rate is 100 percent (2/2), round-trip min/avg/max = 1/1/1 ms
9300#show ip arp 192.168.17.20 | inc 192.168.17.20
Internet 192.168.17.20 4 686d.bc06.4cac ARPA Vlan17
9300#
Line 69
686d.bc06.4cac
Line 117
show mac add add 686d.bc06.4cac | inc 686d.bc06.4cac
17 686d.bc06.4cac DYNAMIC Po3
9300#
Traceback (most recent call last):
File "debug.py.py", line 261, in <module>
main()
File "debug.py.py", line 257, in main
singleip_scan()
File "debug.py.py", line 240, in singleip_scan
cdp_nei_ip,match_mac=core(core_router,current_ip)
File "debug.py.py", line 120, in core
print('Line 120\n\n'+mac_port.group()+'\n\n')
AttributeError: 'NoneType' object has no attribute 'group'
(p3-env) admin@dadmin:/tmp$
`
from cisco-ip-trace.
routetehpacketz
commented on August 19, 2024
Hey @net9000,
The debug script is erroring out because it is trying to print a variable that has not populated yet. The actual trace script has handling for this.
What is the output of show ether-channel summary | inc Po3 on your core switch?
from cisco-ip-trace.
net9000
commented on August 19, 2024
#show etherchannel sum | i Po3
3 Po3(SU) LACP Te1/1/1(P) Te1/1/2(P)
from cisco-ip-trace.
net9000
commented on August 19, 2024
Question about this. I am seeing an issue with the script when it tires to ssh into a Nexus device from the core. Instead of SSH'ing into the management IP its trying to SSH into the VPC peer link IP. The script tires to ssh into 10.2.12.2, but can't because the VPC peer IP isn't routed outside of the 5ks. So why doesn't the script use the 10.1.1.5 (Mgmt IP) vs 10.2.12.2 (VPC peer IP)?
Device ID: nexus5k-switch(SSI15510NK4)
Entry address(es):
IP address: 10.1.1.5
Platform: N5K-C5548UP, Capabilities: Switch IGMP CVTA phone port
Interface: GigabitEthernet1/2/46, Port ID (outgoing port): mgmt0
Holdtime : 150 sec
Version :
Cisco Nexus Operating System (NX-OS) Software, Version 5.2(1)N1(3)
advertisement version: 2
Duplex: full
Management address(es):
IP address: 10.1.1.5
-------------------------
**Device ID: nexus5k-switch(SSI15510NK4)
Entry address(es):
IP address: 10.2.12.2
Platform: N5K-C5548UP, Capabilities: Switch IGMP CVTA phone port
Interface: TenGigabitEthernet1/5/5, Port ID (outgoing port): Ethernet1/7
Holdtime : 150 sec**
Version :
Cisco Nexus Operating System (NX-OS) Software, Version 5.2(1)N1(3)
advertisement version: 2
Native VLAN: 1
Duplex: full
Management address(es):
IP address: 10.1.1.5
-------------------------
**Device ID: nexus5k-switch(SSI15510NK4)
Entry address(es):
IP address: 10.2.12.2
Platform: N5K-C5548UP, Capabilities: Switch IGMP CVTA phone port
Interface: TenGigabitEthernet2/5/5, Port ID (outgoing port): Ethernet1/8
Holdtime : 144 sec**
Version :
Cisco Nexus Operating System (NX-OS) Software, Version 5.2(1)N1(3)
advertisement version: 2
Native VLAN: 1
Duplex: full
Management address(es):
IP address: 10.1.1.5
from cisco-ip-trace.
routetehpacketz
commented on August 19, 2024
hey @net9000
I can't say exactly why it's using the VPC address since it's not even the first listed in the CDP neighbor output, but I think this one will probably be an easy fix since the management address is prefixed with "Management address(es)". I'll factor this into this issue as well.
from cisco-ip-trace.
net9000
commented on August 19, 2024
@routetehpacketz maybe a problem on my end and a missing route to that VPC peer link subnet. I added it and will re-run the script to see if works. Either way if you have a logic that tells it to use the management address in CDP then that would work as long as their is IP connectivity between them.
from cisco-ip-trace.
net9000
commented on August 19, 2024
One more issue I found, it seems as if switches are daisy chained or on the other side of another switch the script doesn't go any further than the next switch over from the core. For instance I have a core, connected to a 5k and that 5k has a stack of siwtches hanging off it. If the ARP table has an IP hanging off that stack the script reports that IP has being on the uplink of the 5K. It doesn't appear to ssh into the stack to find the actual port the device is connected to. It then reports that it found it on the uplink to that switch and moves on.
Tracing 10.99.1.72...complete!
10.99.1.72,lx6.domain.com,60a4.4cb0.d6f9,5k,Eth1/9,###uplink 3750 stack##,trunk,"none",49
Show cdp from the 5k:
Device ID:3750-stack
Interface address(es):
IPv4 Address: 10.100.1.15
Platform: WS-C3750X-48P, Capabilities: Switch IGMP Filtering
Interface: Ethernet1/9, Port ID (outgoing port): TenGigabitEthernet1/1/1
Holdtime: 165 sec
Version:
Cisco IOS Software, C3750E Software (C3750E-UNIVERSALK9-M), Version 15.0(2)SE2, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Tue 05-Feb-13 11:45 by prod_rel_team
Advertisement Version: 2
Native VLAN: 1
Duplex: full
Mgmt address(es):
IPv4 Address: 10.100.1.15
Show mac from the stack in question:
3750-stack#show mac address-table | i d6f9
332 60a4.4cb0.d6f9 DYNAMIC Gi3/0/48
from cisco-ip-trace.
routetehpacketz
commented on August 19, 2024
hey @net9000
is there an ether-channel between the N5K and the 3750x?
from cisco-ip-trace.
net9000
commented on August 19, 2024
@routetehpacketz No just a single trunk port as you can see from the CDP.
from cisco-ip-trace.
routetehpacketz
commented on August 19, 2024
@net9000 and just to confirm, you can SSH into 10.100.1.15 from the PC you're running the script on?
from cisco-ip-trace.
net9000
commented on August 19, 2024
@routetehpacketz Yes I can.
:/local-dp$ ssh [email protected]
Password:
3750-stack#
from cisco-ip-trace.
hildebrau
commented on August 19, 2024
I also have a Nexus core switch, with Catalysts hanging off of it.
I was having the port UNKNOWN issue, until I went into the script and edited the part that ran a "show ether-channel summ" command and converted it to "show port-channel summ". Then it worked a lot better. However, it doesn't seem to be identifying the switch connected to the port channel and connecting to it to further follow the MAC to the final switch and interface.
Did anyone else get it working in this configuration?
Update: I updated function get_cdp_neighbor to do a "show cdp nei int " instead of "show cdp nei " and that seemed to take care of the second issue.
from cisco-ip-trace.
Related Issues (20)
- issue running the script HOT 6
- Enable passwords HOT 1
- Script dies when not able to ssh into end device - make it skip that device and continue? HOT 29
- Enable password needed HOT 15
- Script dies when no matching cipers are found HOT 1
- Script dies with following error :OSError: Search pattern never detected in send_command_expect HOT 5
- no input password HOT 3
- Always shows No mac for the IP HOT 18
- Not related to this HOT 2
- You might need to cover other interface types HOT 5
- MAC address OUI lookup
- Remember if a neighbor can't be SSH'd into HOT 1
- port description with commas messes up the output csv HOT 3
- docker container HOT 3
- No longer working for when core is a router HOT 1
- trunk_regex incorrectly matching HOT 2
- issue while outputing to csv HOT 6
- Request: Full ARP table scan HOT 18
- Add DNS resolution? HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cisco-ip-trace.