7.3.7 Lab - View The Switch Mac Address Table
Examining the MAC address table of a network switch is fundamental to understanding network behavior and troubleshooting connectivity issues. This article will guide you through the process of viewing the MAC address table on a typical network switch, providing a structured approach to interpreting the information presented.
Accessing the Switch's Command-Line Interface (CLI)
The primary method for viewing a switch's MAC address table is through its command-line interface (CLI). Accessing the CLI typically involves using a console connection, Telnet, or SSH.
Console Connection
A console connection provides direct access to the switch's operating system. It generally requires a serial cable (usually RJ-45 to DB9) and terminal emulation software like PuTTY or Tera Term.
Must Read
- Connect the serial cable from your computer to the switch's console port.
- Open your terminal emulation software.
- Configure the software with the following settings:
- Baud rate: 9600
- Data bits: 8
- Parity: None
- Stop bits: 1
- Flow control: None
- Press Enter. You should be presented with a login prompt.
Telnet
Telnet provides remote access to the switch over a network. However, it is generally considered insecure as it transmits data in plain text. Enable and use Telnet only when absolutely necessary, preferably in a secure, isolated lab environment.
- Ensure Telnet is enabled on the switch. This usually involves configuring an IP address on a VLAN interface and enabling Telnet access with a password. The specific commands will vary depending on the switch vendor.
- Open a command prompt or terminal on your computer.
- Type
telnet [switch_ip_address], replacing[switch_ip_address]with the actual IP address of the switch. - Enter the password when prompted.
SSH
SSH (Secure Shell) provides secure remote access to the switch, encrypting all data transmitted between the client and the switch. SSH is the recommended method for remote access.
- Ensure SSH is enabled on the switch. This typically involves generating an RSA key pair on the switch and configuring a username and password or utilizing key-based authentication. The specific commands will vary depending on the switch vendor.
- Open an SSH client such as PuTTY.
- Enter the switch's IP address in the hostname field.
- Select SSH as the connection type.
- Click "Open."
- Enter the username and password when prompted.
Viewing the MAC Address Table
Once you have accessed the switch's CLI, you can use specific commands to view the MAC address table. The exact command may vary slightly depending on the switch vendor (e.g., Cisco, Juniper, HP/Aruba), but the general principle remains the same.
Cisco Switches
On Cisco switches, the command to view the MAC address table is show mac address-table. Entering this command in privileged EXEC mode will display the MAC address table.
Example:
Switch# show mac address-table
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
1 000a.9500.abcd DYNAMIC Fa0/1
1 000b.8500.efgh DYNAMIC Fa0/2
1 000c.7500.ijkl DYNAMIC Fa0/3
10 000d.6500.mnop DYNAMIC Gi0/1
10 000e.5500.qrst DYNAMIC Gi0/2
Total Mac Addresses for this criterion: 5
Juniper Switches
On Juniper switches, the command to view the MAC address table is show ethernet-switching table. Entering this command in operational mode will display the MAC address table.
Example:
user@switch> show ethernet-switching table
MAC table:
Vlan Mac Address Type Age Interfaces
default 00:0a:95:00:ab:cd Learn 0 ge-0/0/1.0
default 00:0b:85:00:ef:gh Learn 0 ge-0/0/2.0
default 00:0c:75:00:ij:kl Learn 0 ge-0/0/3.0
vlan10 00:0d:65:00:mn:op Learn 0 xe-0/0/0.0
vlan10 00:0e:55:00:qr:st Learn 0 xe-0/0/1.0
HP/Aruba Switches
On HP/Aruba switches, the command to view the MAC address table is show mac-address or show mac-address-table. Entering this command in privileged EXEC mode will display the MAC address table.
Example:
switch# show mac-address
MAC Address Table
VLAN MAC Address Type Port
----- ------------------- ---------- --------
1 00-0a-95-00-ab-cd Learned 1
1 00-0b-85-00-ef-gh Learned 2
1 00-0c-75-00-ij-kl Learned 3
10 00-0d-65-00-mn-op Learned 25
10 00-0e-55-00-qr-st Learned 26
Interpreting the MAC Address Table Output
The output of the show mac address-table (or equivalent) command typically includes the following information:
- VLAN: The VLAN to which the MAC address belongs.
- MAC Address: The Media Access Control (MAC) address of the device.
- Type: Indicates how the MAC address was learned. Common types include:
- Dynamic: The MAC address was learned dynamically by the switch listening to network traffic.
- Static: The MAC address was manually configured on the switch.
- Secure: The MAC address was learned through port security mechanisms.
- Port: The switch port through which the MAC address was learned.
- Age: The amount of time (in seconds) since the MAC address was last seen. This value is often associated with dynamically learned addresses. If the age reaches a maximum value without being refreshed, the MAC address is removed from the table. (Not always displayed)
By examining the MAC address table, you can determine which devices are connected to which ports on the switch. This information is crucial for:
- Troubleshooting connectivity issues: If a device cannot communicate with the network, you can check the MAC address table to verify that the switch has learned the device's MAC address and that it is associated with the correct port.
- Identifying unauthorized devices: You can compare the MAC addresses in the table to a list of known devices to identify any unauthorized devices that may be connected to the network.
- Network security: The MAC address table can be used to implement port security measures, such as limiting the number of MAC addresses that can be learned on a particular port.
- Network Mapping: Quickly map which devices are connected to which port.
Filtering the MAC Address Table
Most switches allow you to filter the MAC address table output to display only specific entries. This can be useful for troubleshooting or when dealing with large networks.
Example (Cisco):
show mac address-table vlan 10- Displays only MAC addresses associated with VLAN 10.show mac address-table address 000a.9500.abcd- Displays only the entry for the MAC address 000a.9500.abcd.show mac address-table interface fa0/1- Display only entries learned on the FastEthernet 0/1 interface.
Practical Applications and Insights
Understanding the MAC address table extends beyond network administration. It provides valuable insights into how networks function and how devices communicate. Consider the following:
- Home Network Troubleshooting: If a device on your home network is not connecting to the internet, checking your router's ARP table (which is similar to a switch's MAC address table) can help you identify if the router has learned the device's MAC address and assigned it an IP address.
- Security Awareness: Being aware of MAC addresses and how they are used can help you protect your network from unauthorized access. For example, you can configure your router to only allow devices with specific MAC addresses to connect.
- Understanding Network Basics: Learning about the MAC address table provides a foundational understanding of Ethernet networking and how switches learn the location of devices on the network.
By mastering the skill of viewing and interpreting the MAC address table, you gain a powerful tool for network troubleshooting, security, and understanding the fundamental principles of network communication. Regularly examining this table can prevent disruptions and enhance overall network performance.
