From: Sean C (Upp_and_Upp@hotmail.com)
Date: Fri Sep 30 2005 - 12:50:22 GMT-3
First question I think would need to be asked if the switched environment is
only 1 vlan or multiple vlans. I would think the interview saying 'switched
environment' would make me think of only one Vlan. But with the routers
involved, I'd start to think there were possibly multiple vlans. The reason
I would ask this, if all in 1 vlan you should be able to find the IP from
any switch on the network. But if using multiple vlans, and assuming you're
on 1 vlan and the mac in question is on a different vlan, you can't
ascertain the IP the same way. If you knew the IP, like you mentioned, you
at least could figure out the next hop's mac, go to that device and repeat
the process to find the final device. My gut assumption would be just 1
Vlan. I'd clarify the question (was the interviewer a CCIE proctor?) ;-)
If on one Vlan, let's say you're on Switch1 and switch10 is the switch with
the PC locally attached that has the noisy NIC. If on Switch1, you do a
'show mac-add | i <mac-address>, you'll see the IP of the PC.
In this instance, my PC is on switch 5, which trunks to switch 4, which
trunks to switch3, which trunks to switch2, which trunks to switch 1. All
switches are on the same vlan - vlan 10. When I'm on Switch1 and do a
'show mac-add | i <my PC mac>', I see the MAC address of my PC, not of any
of the switches in between us:
Switch1#sh arp | i 111a.95d3
Internet 10.10.10.203 2 0011.111a.95d3 ARPA VLAN10
c:\>ipconfig
Physical Address. . . . . . . . . : 00-11-11-1A-95-D3
If I try to search for a mac on a different Vlan - it 'may' be a different
story.
HTH,
Sean
----- Original Message -----
From: "Deep Ratan" <deep.ratan@gmail.com>
To: <ccielab@groupstudy.com>
Sent: Friday, September 30, 2005 11:04 AM
Subject: Re: layer-2 interview question
> does "show cam" display mac address of A) machines directly connected to
> the
> switch ports of the switch or B) machines on all vlans across all switches
> in those vlans?
>
> If B) is true, the output of that command could have 10,000 entries.
>
> On 9/30/05, Adam S. Roth <adam@therothfamily.net> wrote:
>>
>> Show cam
>>
>> This email message and any attachments are intended for the use of the
>> addressee(s) indicated above. Information that is privileged or otherwise
>> confidential may be contained herein. If you are not the intended
>> recipient(s), you are hereby notified that any dissemination, review, or
>> use
>> of this message, documents, or information contained herein is strictly
>> prohibited.
>>
>>
>>
>>
>>
>> -----Original Message-----
>> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
>> Deep
>> Ratan
>> Sent: Friday, September 30, 2005 10:48 AM
>> To: ccielab@groupstudy.com
>> Subject: layer-2 interview question
>>
>>
>> Hi Everyone,
>> Sorry to ask a networking-101 question but being a WAN guy, I haven't
>> been
>> working with switches in the past few years. An interviewer asked me this
>> question, "If I give you a MAC address that is causing a broadcast storm,
>> how will you locate the culprit in a switched environment that has
>> several
>> dozen switches and routers?"
>>
>> I replied, "You'll need to give me a layer-3 address so I can trace it to
>> the right switch/router and then look up the ARP table to see on what
>> port
>> the offending machine lives" The interviewer didn't like the answer. In
>> retrospect, I should probably have said, "A broadcast storm renders the
>> network unusable, so I'll start with looking at my network management
>> station to see what LAN segment is giving off a critical alarm"
>>
>> Anyway, my question to members of groupstudy is this: In an environment
>> with
>> several dozen switches, if you're given just a MAC address, can you find
>> out
>> where the machine lives?
>>
>> thanks, Deep
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sun Oct 02 2005 - 14:40:17 GMT-3