1、 MAC地址表:
查找交换机端口哪一个端口的MAC地址是0010.5a0c.ffba。 # show mac addresssw-ac3#show mac-address-table Mac Address Table-------------------------------------------Vlan Mac Address Type Ports---- ----------- -------- ----- 33 0010.5a0c.ffba DYNAMIC Fa0/1 2 、Trunk口: 查找交换机的Trunk接口。 # show interfaces trunksw-ac3#show interfaces trunk Port Mode Encapsulation Status Native vlanFa0/3 on 802.1q trunking 1Fa0/9 on 802.1q trunking 1Fa0/12 on 802.1q trunking 1Port Vlans allowed on trunkFa0/3 1-1005Fa0/9 1-1005Fa0/12 1-1005Port Vlans allowed and active in management domainFa0/3 1,22,33,44,99Fa0/9 1,22,33,44,99Fa0/12 1,22,33,44,99Port Vlans in spanning tree forwarding state and not prunedFa0/3 1,22,33,44,99Fa0/9 1,22,44,99Fa0/12 333、 路由器型号:查看 vlan-r1 路由器的型号。 # show cdp neighborssw-ac3#show cdp neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater, P - PhoneDevice ID Local Intrfce Holdtme Capability Platform Port IDsw-ds1 Fas 0/12 164 S 2960 Fas 0/3sw-ac2 Fas 0/9 164 S 2960 Fas 0/7vlan-r1 Fas 0/3 164 R C2800 Fas 0/0vlan-r1 Fas 0/3 164 R C2800 Fas 0/0.1vlan-r1 Fas 0/3 164 R C2800 Fas 0/0.22vlan-r1 Fas 0/3 164 R C2800 Fas 0/0.33vlan-r1 Fas 0/3 164 R C2800 Fas 0/0.444、根桥交换机: 查找作为Vlan1根桥的交换机。 # show spanning-tree vlan 1sw-ac3#show spanning-tree vlan 1VLAN0001 Spanning tree enabled protocol ieee Root ID Priority 24577 Address 0010.1102.14C4 Cost 19 Port 9(FastEthernet0/9) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) Address 00E0.F768.81B1 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 20Interface Role Sts Cost Prio.Nbr Type---------------- ---- --- --------- -------- --------------------------------Fa0/3 Desg FWD 19 128.3 P2pFa0/9 Root FWD 19 128.9 P2pFa0/12 Altn BLK 19 128.12 P2p~~~~"Port 9(FastEthernet0/9) " 得到与 根桥 链接的端口是Fa0/9,cost=19 下一条就是根桥而 根端口 的对端交换机肯定是根桥。下一步 用cdp协议确定F0/9的对端设备。sw-ac3#show cdp nCapability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater, P - PhoneDevice ID Local Intrfce Holdtme Capability Platform Port IDsw-ds1 Fas 0/12 144 S 2960 Fas 0/3sw-ac2 Fas 0/9 144 S 2960 Fas 0/7vlan-r1 Fas 0/3 144 R C2800 Fas 0/0vlan-r1 Fas 0/3 144 R C2800 Fas 0/0.1vlan-r1 Fas 0/3 144 R C2800 Fas 0/0.22vlan-r1 Fas 0/3 144 R C2800 Fas 0/0.33vlan-r1 Fas 0/3 144 R C2800 Fas 0/0.44~~~~可看到Fa0/9的对端设备是sw-ac25 、端口网关: 查找SW-AC3的fa0/4的default-gateway网关地址 (已知Vlan 信息)找出接口所属Vlan ID。 #show vlan sw-ac3#show vlan VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1622 servers active 33 Management active Fa0/1, Fa0/2, Fa0/5, Fa0/6 Fa0/744 Production active Fa0/4, Fa0/8, Fa0/10, Fa0/1199 no-where active Fa0/13, Fa0/14, Fa0/15, Fa0/17 Fa0/18, Fa0/19, Fa0/20, Fa0/21 Fa0/22, Fa0/23, Fa0/24, Gig1/1 Gig1/21002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup ~~fa0/4在vlan 44下6、 服务器IP和设备型号: 找出SW3从哪一台交换机接收Vlan信息(2步):1)show vtp status 得知获取VLAN信息的服务器IP地址2)show cdp neighbord detail 服务器IP所对应的设备型号sw-ac3#show vtp status VTP Version : 2Configuration Revision : 4Maximum VLANs supported locally : 255Number of existing VLANs : 9VTP Operating Mode : ClientVTP Domain Name : home-officeVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0x29 0xF2 0x89 0xC3 0x33 0xDC 0x5F 0x0F Configuration last modified by 192.168.1.249 at 3-1-93 00:53:00~~从Configuration last modified by 192.168.1.249 at 3-1-93 00:53:00可知VTP的服务器IP地址。第二部查找该IP对应的设备。show cdp neighbors detail!Device ID: sw-ac2Entry address(es): IP address : 192.168.1.249Platform: cisco 2960, Capabilities: SwitchInterface: FastEthernet0/9, Port ID (outgoing port): FastEthernet0/7Holdtime: 142Version :Cisco IOS Software, C2960 Software (C2960-LANBASE-M), Version 12.2(25)FX, RELEASE SOFTWARE (fc1)Copyright (c) 1986-2005 by Cisco Systems, Inc.Compiled Wed 12-Oct-05 22:05 by pt_team~~~7、修订版本号: 通过查看修订版本号 判断讲交换机SW-X通过F0/16接入SW-AC3会导致的后果。sw-ac3#show vtp status VTP Version : 2Configuration Revision : 4 《《《《修订版本号~~Maximum VLANs supported locally : 255Number of existing VLANs : 9VTP Operating Mode : ClientVTP Domain Name : home-officeVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0x29 0xF2 0x89 0xC3 0x33 0xDC 0x5F 0x0F Configuration last modified by 192.168.1.249 at 3-1-93 00:53:008、端口查看: 以00d0.d3a1.9a1b为源地址,以000a.8a47.e612为目的地址的数据帧会在交换机SW-AC3从哪些端口转发? ~~如果目的地址帧不在mac地址表中,则会发生泛洪flood,该Vlan内 除 发送端口外,其余端口以及Trunk口都会收到,但是处于block状态的Trunk口,收到后不会转发! 思路: 查看目的mac所属Vlan、找出该Vlan下的端口、删选掉其中处于Block状态的端口。 1)sw-ac3#show mac Mac Address Table-------------------------------------------Vlan Mac Address Type Ports---- ----------- -------- ----- 1 0001.c9e5.be01 DYNAMIC Fa0/3 1 000c.8581.c59b DYNAMIC Fa0/9 1 0010.1102.14c4 DYNAMIC Fa0/9 1 00d0.9746.1686 DYNAMIC Fa0/9 1 00d0.ba9c.db07 DYNAMIC Fa0/9 22 0001.c9e5.be01 DYNAMIC Fa0/3 22 00d0.ba9c.db07 DYNAMIC Fa0/9 22 00e0.f7b0.8998 DYNAMIC Fa0/9 33 0000.0c6a.5547 DYNAMIC Fa0/12 33 0001.63a4.46e1 DYNAMIC Fa0/12 33 0001.c9e5.be01 DYNAMIC Fa0/3 33 0010.5a0c.ffba DYNAMIC Fa0/1 33 0040.0b19.aed1 DYNAMIC Fa0/12 33 0040.0b8a.86a3 DYNAMIC Fa0/12 33 0060.70ad.1603 DYNAMIC Fa0/12 33 00d0.d3a1.9a1b DYNAMIC Fa0/6 33 00e0.a396.b701 DYNAMIC Fa0/12 44 0001.427b.35a0 DYNAMIC Fa0/9 44 0001.c9e5.be01 DYNAMIC Fa0/3 44 000b.bec0.28a5 DYNAMIC Fa0/8 44 0090.2bac.1a6c DYNAMIC Fa0/9 44 00d0.5811.3aac DYNAMIC Fa0/4 44 00d0.ba9c.db07 DYNAMIC Fa0/9 44 00e0.a322.5848 DYNAMIC Fa0/9 44 00e0.a3ea.dd9b DYNAMIC Fa0/9 99 00d0.ba9c.db07 DYNAMIC Fa0/9~由于目的地址不在mac表中,所以转发端口泛洪,转发端口9a1b Fa0/6处于vlan 33中 ~~ vlan 33下端口 1 3 6 12????2)Vlan33中的端口sw-ac3#show vlanVLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1622 servers active 33 Management active Fa0/1, Fa0/2, Fa0/5, Fa0/6 Fa0/7~~1 2 5 6 7 ????和mac地址表中的对应关系??3)查看处于Trunk口的端口sw-ac3#show interfaces trunk 》》》》》》》注意不是 show ip interfaces trunk没有ip!!Port Mode Encapsulation Status Native vlanFa0/3 on 802.1q trunking 1Fa0/9 on 802.1q trunking 1Fa0/12 on 802.1q trunking 14)查找出处于block状态的端口 # show spanning-tree vlan 33!牢记!sw-ac3#show spanning-tree vlan 33VLAN0033 Spanning tree enabled protocol ieee Root ID Priority 24609 Address 00D0.9746.1686 Cost 19 Port 12(FastEthernet0/12) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32801 (priority 32768 sys-id-ext 33) Address 00E0.F768.81B1 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 20Interface Role Sts Cost Prio.Nbr Type---------------- ---- --- --------- -------- --------------------------------Fa0/1 Desg FWD 19 128.1 P2pFa0/3 Desg FWD 19 128.3 P2pFa0/6 Desg FWD 19 128.6 P2pFa0/9 Altn BLK 19 128.9 P2pFa0/12 Root FWD 19 128.12 P2p发现Fa0/9处于block状态。9、用目的ip查找目的mac: 找出 SW-AC3向 190.0.2.5 发送信息的 目的mac地址思路:目的ip不在本地vlan内时,信息首先被发往网关,所以便是查找网关的问题。SW-AC3上主机网关的路由器都是Vlan-R1。1)确定Vlan-R1连接SW-AC3的端口 # show cdp neighbors 获取、发现相邻设备的型号。sw-ac3#show cdp neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater, P - PhoneDevice ID Local Intrfce Holdtme Capability Platform Port IDvlan-r1 Fas 0/3 124 R C2800 Fas 0/0vlan-r1 Fas 0/3 124 R C2800 Fas 0/0.1vlan-r1 Fas 0/3 124 R C2800 Fas 0/0.22sw-ds1 Fas 0/12 124 S 2960 Fas 0/3vlan-r1 Fas 0/3 124 R C2800 Fas 0/0.33vlan-r1 Fas 0/3 124 R C2800 Fas 0/0.44sw-ac2 Fas 0/9 123 S 2960 Fas 0/7》》》》》》》Vlan R1的本地端为Fas0/32)Local Intrfrce信息为Fas0/3 ,此时 需结合MAC地址表查找~最终结果如下:sw-ac3#show mac Mac Address Table-------------------------------------------Vlan Mac Address Type Ports---- ----------- -------- ----- 1 0001.c9e5.be01 DYNAMIC Fa0/3Tips:ctrl+U: 删除一行 ~~ctrl+a:将光标移到首位 ctrl+e:移到末尾ctal+z:退出配置模式,返回到EXEC模式。Reference:1) CDP cisco专用协议,可用于获取相邻设备上的硬件和协议信息。这些信息可用于排除故障和记录网络信息。2) Port ID:对端设备上接口。我们所看到的内容都是与我们直接相连设备的。3) Platform:直接相邻设备的类型。4) show cdp entry *的 两个专项命令: a)sw-ac3#show cdp entry * Protocol 仅可显示每个直连设备的 IP地址 b)sw-ac3#show cdp entry * version 可给出每个直连设备上运行的 IOS版本信息Keyword: VLAN Trunking Protocol | VLAN中继协议 | 虚拟局域网干道协议