03-03-2021 06:32 PM
I love the sh iparp command, lightyears ahead of what we had on our older cisco 3750 switches.
Heres a scenerio for you, lets say you have a vlan in an access switch stack of 5520 EXOS switches. The vlan on this access switch does not have an IP address because there’s no need to “waste” or “burn” one on the switch (it already has IP interfaces in other vlans, enough is enough already)…
This vlan is trunked down to a core, a set of X690’s with core licensing. See where I’m going at… theres no need for an ip interface on the particular vlan in question becuase its trunked down to the core where it has a path to its dhcp server and internet.
If this is the case and you sh iparp port 1:13 for example, you won’t get an IP. The only way you would get an IP is if you add an IP address on the access switch (5520) in that vlan. But if IP’s in that VLAN are precious real-estate, and you don’t want any switch management inferface exposed to that vlan anyway, how could you work around sh iparp command?
If I put the port into a different vlan that the switch has an ip interface for, then yes sh iparp will show the IP address and mac address of the equipment plugged into that port.
Would love to know what workaround you have to this limitation. Perhaps some kind of “snooping” command of some sort?
Solved! Go to Solution.
03-03-2021 07:07 PM
Hello Keith,
you do not need an workaround.
You can use the command:
enable nodealias ports <all | port-list>
and after some minutes you can see the IP on the ports with:
show nodealias ports <all | port-list>
03-03-2021 08:37 PM
Hello Keith,
it is no problem to enable node alias on all ports. There are some limitations but these limitations do not affect the performance.
Per slot the switch can only inspect 100 packets per second. It the rate exceeds 100pps the packets are dropped.
Per slot 8192 entries are capable. Per default if you have an 48 Ports per port 170 entries are possible (but this is confurable).
03-03-2021 08:23 PM
wow interesting so here’s an example
sh iparp port 1:13 did show two ip’s a phone and another device in vlan3. The switch has an ip in vlan 3 and the voice vlan as well. Not that I need those but I reserved IP’s for iparp.
I ran your command now sh iparp port 1:13 was blank. Those entries gone. I ran it again and now it shows the mac and IP of a storage array in our datacenter (WEIRDLY) that is on a differnet vlan. (vlan 1, but this port is only in vlan 3 and 172.).
So then I read your command more closely and I ran show nodealias ports 1:13 and voila, there’s the ip and mac address.
Pretty nice, I think I may want to enable this on all our EXOS switches. This should let me free up those two IP addresses that this access switch does not need. It only needs a management ip in vlan 1.
No caveats to enabling this on all ports right? I did enable nodealias ports all. Even the sharing port 1:57 (1:57,2:57) that are the uplink down to the core switch on another floor.
03-03-2021 07:07 PM
Hello Keith,
you do not need an workaround.
You can use the command:
enable nodealias ports <all | port-list>
and after some minutes you can see the IP on the ports with:
show nodealias ports <all | port-list>