single command to gather mac addresses of connected devices to switch











up vote
2
down vote

favorite












I've connected multiple PCs to a 2960 switch and then entered privilege mode and entered : show mac-address-table but the table is empty. Then I pinged the broadcast address from one of the PCs: ping 192.168.1.255 and used the previous command on the switch once again and the mac address table lists all the PCs' mac addresses, I wonder if there is a shorter way? i.e. a command on switch to gather the mac addresses of the connected devices to its ports without the need to the pinging step? Thanks.










share|improve this question
























  • I'd also send a ping to ff02::1 in case there are devices which don't respond to 192.168.1.255. Of course it still won't guarantee to reach all devices, and there really isn't any way to force an unknown device to send a packet.
    – kasperd
    Dec 5 at 12:26















up vote
2
down vote

favorite












I've connected multiple PCs to a 2960 switch and then entered privilege mode and entered : show mac-address-table but the table is empty. Then I pinged the broadcast address from one of the PCs: ping 192.168.1.255 and used the previous command on the switch once again and the mac address table lists all the PCs' mac addresses, I wonder if there is a shorter way? i.e. a command on switch to gather the mac addresses of the connected devices to its ports without the need to the pinging step? Thanks.










share|improve this question
























  • I'd also send a ping to ff02::1 in case there are devices which don't respond to 192.168.1.255. Of course it still won't guarantee to reach all devices, and there really isn't any way to force an unknown device to send a packet.
    – kasperd
    Dec 5 at 12:26













up vote
2
down vote

favorite









up vote
2
down vote

favorite











I've connected multiple PCs to a 2960 switch and then entered privilege mode and entered : show mac-address-table but the table is empty. Then I pinged the broadcast address from one of the PCs: ping 192.168.1.255 and used the previous command on the switch once again and the mac address table lists all the PCs' mac addresses, I wonder if there is a shorter way? i.e. a command on switch to gather the mac addresses of the connected devices to its ports without the need to the pinging step? Thanks.










share|improve this question















I've connected multiple PCs to a 2960 switch and then entered privilege mode and entered : show mac-address-table but the table is empty. Then I pinged the broadcast address from one of the PCs: ping 192.168.1.255 and used the previous command on the switch once again and the mac address table lists all the PCs' mac addresses, I wonder if there is a shorter way? i.e. a command on switch to gather the mac addresses of the connected devices to its ports without the need to the pinging step? Thanks.







cisco switch






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Dec 5 at 10:31









Marc 'netztier' Luethi

2,989319




2,989319










asked Dec 5 at 6:03









Moytaba

133




133












  • I'd also send a ping to ff02::1 in case there are devices which don't respond to 192.168.1.255. Of course it still won't guarantee to reach all devices, and there really isn't any way to force an unknown device to send a packet.
    – kasperd
    Dec 5 at 12:26


















  • I'd also send a ping to ff02::1 in case there are devices which don't respond to 192.168.1.255. Of course it still won't guarantee to reach all devices, and there really isn't any way to force an unknown device to send a packet.
    – kasperd
    Dec 5 at 12:26
















I'd also send a ping to ff02::1 in case there are devices which don't respond to 192.168.1.255. Of course it still won't guarantee to reach all devices, and there really isn't any way to force an unknown device to send a packet.
– kasperd
Dec 5 at 12:26




I'd also send a ping to ff02::1 in case there are devices which don't respond to 192.168.1.255. Of course it still won't guarantee to reach all devices, and there really isn't any way to force an unknown device to send a packet.
– kasperd
Dec 5 at 12:26










1 Answer
1






active

oldest

votes

















up vote
6
down vote



accepted










EDIT:
To actually answer the question: show mac-address-table or show mac address-table (depending on platform and software generation) is the single command to see the MAC address table on a Cisco Switch like the 2960. The fact that the table comes up empty is very probably correct.



Here's why:



MAC address tables (sometimes referred to as CAM tables) are usually dynamic, and their entries are aged out after a given timeout, usually 300 seconds.



An entry is added as soon as an Ethernet frame arrives on a switch port. It's source MAC address is kept and is added to the CAM table and its aging timer starts to decrement.



If connected devices stay silent for more than 300 sec (or the given CAM table aging value), their MAC addresses are removed from the CAM table.



If another device needs to talk to such a dormant peer, the switch will have to perform "unknown unicast flooding" and send the given Ethernet frame out of all ports (more precisely: all active/forwarding ports of the given VLAN). As soon as the device of interest responds with an Ethernet frame, the CAM table is (re)populated instantly with a new entry.



There can be more advanced setups with sticky or static CAM table entries, but that's another story.



This being said...



IF a constantly populated CAM table is a requirement, AND IF the connected devices have no need to be allowed to "sleep" for longer periods of time (for example to save energy), AND IF the scope of interesting devices/table entries covers IPv4 enabled devices, there is one trick that can help a lot without requiring a lot of advanced config:



Many routers (CEF enabled Cisco router definitely do it) do active maintenance of their ARP cache, but have a default ARP timeout of 4hours. By lowering their ARP timeout to some value lower than 300sec (which does little to no harm), the router will re-query the entries in its ARP cache, shortly before they expire. That will in turn trigger a response from the devices, and these ARP replies then keep the switch's CAM tables populated.






share|improve this answer























    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "496"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    noCode: true, onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fnetworkengineering.stackexchange.com%2fquestions%2f55206%2fsingle-command-to-gather-mac-addresses-of-connected-devices-to-switch%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes








    up vote
    6
    down vote



    accepted










    EDIT:
    To actually answer the question: show mac-address-table or show mac address-table (depending on platform and software generation) is the single command to see the MAC address table on a Cisco Switch like the 2960. The fact that the table comes up empty is very probably correct.



    Here's why:



    MAC address tables (sometimes referred to as CAM tables) are usually dynamic, and their entries are aged out after a given timeout, usually 300 seconds.



    An entry is added as soon as an Ethernet frame arrives on a switch port. It's source MAC address is kept and is added to the CAM table and its aging timer starts to decrement.



    If connected devices stay silent for more than 300 sec (or the given CAM table aging value), their MAC addresses are removed from the CAM table.



    If another device needs to talk to such a dormant peer, the switch will have to perform "unknown unicast flooding" and send the given Ethernet frame out of all ports (more precisely: all active/forwarding ports of the given VLAN). As soon as the device of interest responds with an Ethernet frame, the CAM table is (re)populated instantly with a new entry.



    There can be more advanced setups with sticky or static CAM table entries, but that's another story.



    This being said...



    IF a constantly populated CAM table is a requirement, AND IF the connected devices have no need to be allowed to "sleep" for longer periods of time (for example to save energy), AND IF the scope of interesting devices/table entries covers IPv4 enabled devices, there is one trick that can help a lot without requiring a lot of advanced config:



    Many routers (CEF enabled Cisco router definitely do it) do active maintenance of their ARP cache, but have a default ARP timeout of 4hours. By lowering their ARP timeout to some value lower than 300sec (which does little to no harm), the router will re-query the entries in its ARP cache, shortly before they expire. That will in turn trigger a response from the devices, and these ARP replies then keep the switch's CAM tables populated.






    share|improve this answer



























      up vote
      6
      down vote



      accepted










      EDIT:
      To actually answer the question: show mac-address-table or show mac address-table (depending on platform and software generation) is the single command to see the MAC address table on a Cisco Switch like the 2960. The fact that the table comes up empty is very probably correct.



      Here's why:



      MAC address tables (sometimes referred to as CAM tables) are usually dynamic, and their entries are aged out after a given timeout, usually 300 seconds.



      An entry is added as soon as an Ethernet frame arrives on a switch port. It's source MAC address is kept and is added to the CAM table and its aging timer starts to decrement.



      If connected devices stay silent for more than 300 sec (or the given CAM table aging value), their MAC addresses are removed from the CAM table.



      If another device needs to talk to such a dormant peer, the switch will have to perform "unknown unicast flooding" and send the given Ethernet frame out of all ports (more precisely: all active/forwarding ports of the given VLAN). As soon as the device of interest responds with an Ethernet frame, the CAM table is (re)populated instantly with a new entry.



      There can be more advanced setups with sticky or static CAM table entries, but that's another story.



      This being said...



      IF a constantly populated CAM table is a requirement, AND IF the connected devices have no need to be allowed to "sleep" for longer periods of time (for example to save energy), AND IF the scope of interesting devices/table entries covers IPv4 enabled devices, there is one trick that can help a lot without requiring a lot of advanced config:



      Many routers (CEF enabled Cisco router definitely do it) do active maintenance of their ARP cache, but have a default ARP timeout of 4hours. By lowering their ARP timeout to some value lower than 300sec (which does little to no harm), the router will re-query the entries in its ARP cache, shortly before they expire. That will in turn trigger a response from the devices, and these ARP replies then keep the switch's CAM tables populated.






      share|improve this answer

























        up vote
        6
        down vote



        accepted







        up vote
        6
        down vote



        accepted






        EDIT:
        To actually answer the question: show mac-address-table or show mac address-table (depending on platform and software generation) is the single command to see the MAC address table on a Cisco Switch like the 2960. The fact that the table comes up empty is very probably correct.



        Here's why:



        MAC address tables (sometimes referred to as CAM tables) are usually dynamic, and their entries are aged out after a given timeout, usually 300 seconds.



        An entry is added as soon as an Ethernet frame arrives on a switch port. It's source MAC address is kept and is added to the CAM table and its aging timer starts to decrement.



        If connected devices stay silent for more than 300 sec (or the given CAM table aging value), their MAC addresses are removed from the CAM table.



        If another device needs to talk to such a dormant peer, the switch will have to perform "unknown unicast flooding" and send the given Ethernet frame out of all ports (more precisely: all active/forwarding ports of the given VLAN). As soon as the device of interest responds with an Ethernet frame, the CAM table is (re)populated instantly with a new entry.



        There can be more advanced setups with sticky or static CAM table entries, but that's another story.



        This being said...



        IF a constantly populated CAM table is a requirement, AND IF the connected devices have no need to be allowed to "sleep" for longer periods of time (for example to save energy), AND IF the scope of interesting devices/table entries covers IPv4 enabled devices, there is one trick that can help a lot without requiring a lot of advanced config:



        Many routers (CEF enabled Cisco router definitely do it) do active maintenance of their ARP cache, but have a default ARP timeout of 4hours. By lowering their ARP timeout to some value lower than 300sec (which does little to no harm), the router will re-query the entries in its ARP cache, shortly before they expire. That will in turn trigger a response from the devices, and these ARP replies then keep the switch's CAM tables populated.






        share|improve this answer














        EDIT:
        To actually answer the question: show mac-address-table or show mac address-table (depending on platform and software generation) is the single command to see the MAC address table on a Cisco Switch like the 2960. The fact that the table comes up empty is very probably correct.



        Here's why:



        MAC address tables (sometimes referred to as CAM tables) are usually dynamic, and their entries are aged out after a given timeout, usually 300 seconds.



        An entry is added as soon as an Ethernet frame arrives on a switch port. It's source MAC address is kept and is added to the CAM table and its aging timer starts to decrement.



        If connected devices stay silent for more than 300 sec (or the given CAM table aging value), their MAC addresses are removed from the CAM table.



        If another device needs to talk to such a dormant peer, the switch will have to perform "unknown unicast flooding" and send the given Ethernet frame out of all ports (more precisely: all active/forwarding ports of the given VLAN). As soon as the device of interest responds with an Ethernet frame, the CAM table is (re)populated instantly with a new entry.



        There can be more advanced setups with sticky or static CAM table entries, but that's another story.



        This being said...



        IF a constantly populated CAM table is a requirement, AND IF the connected devices have no need to be allowed to "sleep" for longer periods of time (for example to save energy), AND IF the scope of interesting devices/table entries covers IPv4 enabled devices, there is one trick that can help a lot without requiring a lot of advanced config:



        Many routers (CEF enabled Cisco router definitely do it) do active maintenance of their ARP cache, but have a default ARP timeout of 4hours. By lowering their ARP timeout to some value lower than 300sec (which does little to no harm), the router will re-query the entries in its ARP cache, shortly before they expire. That will in turn trigger a response from the devices, and these ARP replies then keep the switch's CAM tables populated.







        share|improve this answer














        share|improve this answer



        share|improve this answer








        edited Dec 5 at 7:53

























        answered Dec 5 at 7:30









        Marc 'netztier' Luethi

        2,989319




        2,989319






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Network Engineering Stack Exchange!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.





            Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


            Please pay close attention to the following guidance:


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fnetworkengineering.stackexchange.com%2fquestions%2f55206%2fsingle-command-to-gather-mac-addresses-of-connected-devices-to-switch%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            flock() on closed filehandle LOCK_FILE at /usr/bin/apt-mirror

            Mangá

            Eduardo VII do Reino Unido