Netkiller Cisco IOS 手札
2009-12-12
版权 © 2009, 2010, 2011 Neo Chan
版权声明
转载请与作者联系,转载时请务必标明文章原始出处和作者信息及本声明。
 |
文档出处: http://netkiller.sourceforge.net/ | http://netkiller.github.com
文档最近一次更新于 Tue Nov 29 11:45:42 UTC 2011
下面是我多年积累下来的经验总结,整理成文档供大家参考:
Java代码
- 当你空降到一家新公司,一般情况下都是,工作一团乱麻,前任迫不及待的等待工作交接或者工作转移,
Java代码
- 等着你去救火,如果工作井然有序,公司也不能去招聘新人。
Java代码
- 所有当你看到一团乱麻的网络与服务器,束手无策,你想重新整理,又不能影响现有业务。
Java代码
- 怎样快速寻找交换机端口对应的服务器。我使用过很多方法(不能中断网络,所有不能使用寻线设备),开始show arp
Java代码
- show mac地址表,寻找对应关系,比较麻烦。
Java代码
- 后来想到CDP协议,采用tcpdump 抓包,可以快速看到服务器插在那个交换机端口上。
Java代码
- $ sudo tcpdump -nn -v -i eth0 -s 1500 -c 1 'ether[20:2] == 0x2000'
- [sudo] password for neo:
- tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 1500 bytes
- 13:51:31.825893 CDPv2, ttl: 180s, checksum: 692 (unverified), length 375
- Device-ID (0x01), length: 7 bytes: '4A3750G'
- Version String (0x05), length: 182 bytes:
- Cisco IOS Software, C3750 Software (C3750-IPBASE-M), Version 12.2(35)SE5, RELEASE SOFTWARE (fc1)
- Copyright (c) 1986-2007 by Cisco Systems, Inc.
- Compiled Thu 19-Jul-07 19:15 by nachen
- Platform (0x06), length: 23 bytes: 'cisco WS-C3750G-24TS-1U'
- Address (0x02), length: 13 bytes: IPv4 (1) 193.168.0.254
- Port-ID (0x03), length: 21 bytes: 'GigabitEthernet1/0/15'
- Capability (0x04), length: 4 bytes: (0x00000029): Router, L2 Switch, IGMP snooping
- Protocol-Hello option (0x08), length: 32 bytes:
- VTP Management Domain (0x09), length: 3 bytes: 'xiu'
- Native VLAN ID (0x0a), length: 2 bytes: 11
- Duplex (0x0b), length: 1 byte: full
- AVVID trust bitmap (0x12), length: 1 byte: 0x00
- AVVID untrusted ports CoS (0x13), length: 1 byte: 0x00
- Management Addresses (0x16), length: 13 bytes: IPv4 (1) 193.168.0.254
- unknown field type (0x1a), length: 12 bytes:
- 0x0000: 0000 0001 0000 0000 ffff ffff
- 1 packets captured
- 1 packets received by filter
- 0 packets dropped by kernel
Java代码
- <span style="line-height: 19px;">$ sudo tcpdump -nn -v -i eth0 -s 1500 -c 1 'ether[20:2] == 0x2000' | grep GigabitEthernet
- [sudo] password for neo:
- tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 1500 bytes
- Port-ID (0x03), length: 21 bytes: 'GigabitEthernet1/0/15'
- 1 packets captured
- 1 packets received by filter
- 0 packets dropped by kernel</span><span style="font-family: Simsun; font-size: small;"><span style="line-height: 19px;">
- </span></span>
运行命令后显示
Java代码
- <span style="line-height: 19px;">Port-ID (0x03), length: 21 bytes: 'GigabitEthernet1/0/15'</span>
这个就是交换机对应的端口
在每个服务器上创建一个脚本port.sh
tcpdump -nn -v -i eth0 -s 1500 -c 1 'ether[20:2] == 0x2000' | grep GigabitEthernet
然后批量执行
for ip in {23..32} {49,50,53,54} {81..92} {121..127}; do rsh remote@10.10.0.$ip port.sh & done &
