Educause Security Discussion mailing list archives

Re: IP address conflicts / locating


From: Christopher Misra <cmisra () NIC UMASS EDU>
Date: Fri, 16 Dec 2005 11:27:36 -0500

I've asked if we can get a tool which will take as input the IP
address, and give the switch port where this IP is active, identify
where this switch is, and further identify to which building and room
that port connects.  Do other schools have this ability, or am I
asking for too much?

We've had this capability in our toolset for quite a number of years.
It runs under the hood of most of our incident identification,
notification, and remediation toolsets. It is based on SNMP calls
through a perl script and very site localized, but the logic is
transportable.

A few things that make it easier for us are homogeneity of edge switches,
network registration (netreg), and a robust database that maps
switchport to building, room, jack.

The rough process is to query an arp database for MAC-IP mappings dumped
periodically from the router. The logic is to start at the router, query
the 802.1d bridging MIB for the forwarding interface, query the
forwarding interface for the next downstream switching device, and
iterate until the end of the chain. In our case, since we have a
consistent switch vendor, we are able to use vendor-specific protocol to
identify the next downstream switching device, however this could
probably be abstracted away.

Using this, we are able to pass in an IP address and return switch,
port, user, building, room, jack #, etc, in near real time. It takes on the
order of 5-10 seconds to run but is very accurate.

                                -chris
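The hop-by-hop walk described above (ARP lookup for the MAC, then dot1dTpFdbPort and dot1dBasePortIfIndex on each bridge until no switch sits downstream), as an added example that is not the poster's perl tool or any project's code. The two BRIDGE-MIB object identifiers are the real RFC 1493 ones; everything else is an assumption: the `FakeSwitch` class stands in for a live SNMP agent, its `neighbors` table stands in for the vendor-specific neighbor protocol the post mentions, and the ARP table, switch names, and jack database are constructed so the script runs offline.

```python
"""Trace an IP address to its edge switch port by walking 802.1d
forwarding tables from the router downstream (added example)."""

from dataclasses import dataclass, field

# Real BRIDGE-MIB (RFC 1493) columns used by the walk.
DOT1D_TP_FDB_PORT = "1.3.6.1.2.1.17.4.3.1.2"        # dot1dTpFdbPort.<mac as 6 decimal octets>
DOT1D_BASE_PORT_IFINDEX = "1.3.6.1.2.1.17.1.4.1.2"   # dot1dBasePortIfIndex.<bridge port>


def mac_to_index(mac: str) -> str:
    """'00:0c:29:ff:01:02' -> '0.12.41.255.1.2', the OID index form of a MAC."""
    octets = mac.lower().replace("-", ":").split(":")
    if len(octets) != 6:
        raise ValueError(f"bad MAC address {mac!r}")
    return ".".join(str(int(o, 16)) for o in octets)


@dataclass
class FakeSwitch:
    """Constructed stand-in for one SNMP agent (hypothetical, not a real library)."""
    name: str
    fdb: dict = field(default_factory=dict)           # mac -> bridge port number
    port_ifindex: dict = field(default_factory=dict)  # bridge port -> ifIndex
    neighbors: dict = field(default_factory=dict)     # ifIndex -> downstream switch name

    def get(self, column: str, index: str):
        """Answer an SNMP GET for the two BRIDGE-MIB columns the trace needs."""
        if column == DOT1D_TP_FDB_PORT:
            mac = ":".join(f"{int(p):02x}" for p in index.split("."))
            return self.fdb.get(mac)
        if column == DOT1D_BASE_PORT_IFINDEX:
            return self.port_ifindex.get(int(index))
        return None


@dataclass
class Hop:
    switch: str
    bridge_port: int
    ifindex: int


def trace_mac(mac: str, start: str, devices: dict, max_hops: int = 16) -> list:
    """Follow the MAC from `start` until the forwarding port has no switch behind it."""
    hops, visited, current = [], set(), start
    while current not in visited and len(hops) < max_hops:
        visited.add(current)          # guard against a mis-cabled or looping topology
        agent = devices[current]
        port = agent.get(DOT1D_TP_FDB_PORT, mac_to_index(mac))
        if port is None:              # aged-out entry or wrong VLAN: stop rather than guess
            raise LookupError(f"{mac} not in forwarding table of {current}")
        ifindex = agent.get(DOT1D_BASE_PORT_IFINDEX, str(port))
        hops.append(Hop(current, port, ifindex))
        nxt = agent.neighbors.get(ifindex)
        if nxt is None:               # edge port: nothing downstream, this is the answer
            return hops
        current = nxt
    raise RuntimeError(f"trace of {mac} exceeded {max_hops} hops or revisited a switch")


def locate_ip(ip: str, arp: dict, router: str, devices: dict, jacks: dict) -> dict:
    """IP -> MAC (ARP dump) -> edge switch/port -> building, room, jack."""
    mac = arp.get(ip)
    if mac is None:
        raise LookupError(f"no ARP entry for {ip}")
    hops = trace_mac(mac, router, devices)
    edge = hops[-1]
    return {
        "ip": ip, "mac": mac,
        "switch": edge.switch, "ifindex": edge.ifindex,
        "path": [h.switch for h in hops],
        "location": jacks.get((edge.switch, edge.ifindex)),
    }


# --- constructed sample data: router -> distribution -> edge, one host ---
MAC = "00:0c:29:ff:01:02"
ARP = {"10.1.2.3": MAC}                          # periodic ARP dump from the router
DEVICES = {
    "core-rtr": FakeSwitch("core-rtr", {MAC: 1}, {1: 101}, {101: "bldg-dist"}),
    "bldg-dist": FakeSwitch("bldg-dist", {MAC: 5}, {5: 5}, {5: "floor3-edge"}),
    "floor3-edge": FakeSwitch("floor3-edge", {MAC: 12}, {12: 10012}, {}),
}
JACKS = {("floor3-edge", 10012): ("Science Hall", "307", "J-14")}  # switchport -> jack database

if __name__ == "__main__":
    print(locate_ip("10.1.2.3", ARP, "core-rtr", DEVICES, JACKS))
```

The visited set and hop limit are the part worth keeping when porting this to real SNMP: a stale forwarding entry or a redundant uplink can otherwise send the walk in a circle, and a trace that ends in an exception is more useful than one that returns the wrong port.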
