Does anybody know if there is an SNMP equivalent of the "show arp" CLI command in the 3100 series routers?
I need to get IP addresses and MAC addresses of connected LAN clients.
I know this should be easy, but I'm still learning how to read MIBs. =\
Thanks!
It's a standard RFC1213 MIB.
.1.3.6.1.2.1.4.22.1.2
or
ipNetToMediaPhysAddress
OBJECT-TYPE
-- FROM RFC1213-MIB, IP-MIB
-- TEXTUAL CONVENTION PhysAddress
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS Mandatory
DESCRIPTION "The media-dependent `physical' address."
::= { iso(1) org(3) dod(6) internet(1) mgmt(2) mib-2(1) ip(4)
ipNetToMediaTable(22) ipNetToMediaEntry(1) 2 }
If you know the ifIndex and IP address for which you want the MAC, then you do an snmpget of .1.3.6.1.2.1.4.22.1.2.ifIndex.ip.add.re.ss
If you don't then do an snmpwalk of .1.3.6.1.2.1.4.22.1.2 which will return all entries.
The number before the dot immediately before the first octet of the IP address in an snmpwalk is the interface index on which the ARP entry was learned. You can match this to an interface description with
ifDescr.[number]
or
.1.3.6.1.2.1.2.2.1.2.[number]
Where [number] is the number before the IP address.
It's a standard RFC1213 MIB.
.1.3.6.1.2.1.4.22.1.2
or
ipNetToMediaPhysAddress
OBJECT-TYPE
-- FROM RFC1213-MIB, IP-MIB
-- TEXTUAL CONVENTION PhysAddress
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS Mandatory
DESCRIPTION "The media-dependent `physical' address."
::= { iso(1) org(3) dod(6) internet(1) mgmt(2) mib-2(1) ip(4)
ipNetToMediaTable(22) ipNetToMediaEntry(1) 2 }
If you know the ifIndex and IP address for which you want the MAC, then you do an snmpget of .1.3.6.1.2.1.4.22.1.2.ifIndex.ip.add.re.ss
If you don't then do an snmpwalk of .1.3.6.1.2.1.4.22.1.2 which will return all entries.
The number before the dot immediately before the first octet of the IP address in an snmpwalk is the interface index on which the ARP entry was learned. You can match this to an interface description with
ifDescr.[number]
or
.1.3.6.1.2.1.2.2.1.2.[number]
Where [number] is the number before the IP address.
That's fantastic, the haze is becoming clearer, thanks a ton!
This actually also solves my other issue, making sure devices are on the right interface for their VLAN.
Good stuff!
Happy to help. In my experience the "S" in "SNMP" is usually a lie.
Keep in mind that ARP entries are dynamic and age out after 20 minutes by default, so when you do your SNMP poll it will be a snapshot of the situation at the time.