PowerScale: How to collect switch information using Tcpdump

Summary: This article describes how to collect basic switch information using packet capture tools.

Acest articol se aplică pentru Acest articol nu se aplică pentru Acest articol nu este legat de un produs specific. Acest articol nu acoperă toate versiunile de produs existente.
Consultați alte resurse

Instructions

It is common for Ethernet network switches to broadcast port information such as port name, port description, system name, system description, and native vlan. Cisco Discovery Protocol (CDP) is proprietary to Cisco's switch platform. Link Layer Discovery Protocol (LLDP) is more of an industry standard. 

For more information about this topic:
CDP - https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/cdp/configuration/15-mt/cdp-15-mt-book/nm-cdp-discover.html
LLDP - https://www.cisco.com/c/en/us/td/docs/routers/ncs4000/software/configure/guide/configurationguide/configurationguide_chapter_0111011.pdf

This information can assist an Engineer in identifying what switch port a nodes interface might be connected to physically. There are times that a cable can be plugged into the incorrect switch port, or port channels can be configured with incorrect physical ports. Identifying the ports can help a Network Engineer quickly see what is configured on those interfaces and if they are correct.  

"Caveats/Gotchas"

  • The tcpdump command SHOULD NOT run on logical interfaces. Such as laggX or vlanX as the information is pertinent only to the physical interfaces.
  • The tcpdump command SHOULD run only on physical interfaces. Those are 1G, 10G, 25G, 40G, and so on
  • It is BEST to collect data in interface pairs. This means that if investigating an aggregation issue on mce interfaces, collect from mce2, then mce3. 
  • If the interface status on the node is "no carrier," then no packets well be received. This should be addressed as a physical issue first.
  • CDP/LLDP traffic (slow) is sent from the switch port between 25-35 seconds.  
  • If there is no output after 120 seconds of starting the tcpdump, end the command. It is likely the switch is not sending the packet.


The following tcpdump command listens for the CDP packets only, print the packet, then stop running (enter the interface manually):

tcpdump -ni <iface> -v -s0 -c1 '(ether[20:2]=0x2000)'

The following tcpdump command listens for LLDP packet only, print the packet, then stop running (enter the interface manually):

tcpdump -ni <iface> -v -s0 -c1 '(ether[12:2]=0x88cc)'

The following tcpdump command listens for LLDP and CDP packets, print the first packet received, then stop running (enter the interface manually):

tcpdump -ni <iface> -v -s0 -c1 '(ether[12:2]=0x88cc or ether[20:2]=0x2000)'

 

Additional Information

Which command to use varies on the switch vendor.

Example CDP (output may vary):

isilon-1# tcpdump -ni cxgb0 -v -s0 -c1 '(ether[20:2]=0x2000)'
tcpdump: WARNING: cxgb0: no IPv4 address assigned
tcpdump: listening on cxgb0, link-type EN10MB (Ethernet), capture size 65535 bytes
13:09:18.942158 CDPv2, ttl: 180s, checksum: 692 (unverified), length 248
        Device-ID (0x01), length: 25 bytes: 'nx-5k(XXXXXXXXXXX)'
        Address (0x02), length: 13 bytes: IPv4 (1) Y.Y.Y.Y
        Port-ID (0x03), length: 11 bytes: 'Ethernet1/2'
        Capability (0x04), length: 4 bytes: (0x00000228): L2 Switch, IGMP snooping
        Version String (0x05), length: 66 bytes:
          Cisco Nexus Operating System (NX-OS) Software, Version 4.1(3)N2(1)
        Platform (0x06), length: 14 bytes: 'N5K-C5010P-BFS'
        Native VLAN ID (0x0a), length: 2 bytes: 1XX
        Duplex (0x0b), length: 1 byte: full
        MTU (0x11), length: 4 bytes: 1500 bytes
        System Name (0x14), length: 12 bytes: 'nx-5k'
        System Object ID (not decoded) (0x15), length: 14 bytes:
          0x0000:  XYXY XYXY XYXY XYXY XYXY XYXY XYXY
        Management Addresses (0x16), length: 13 bytes: IPv4 (1) Y.Y.Y.Y
        Physical Location (0x17), length: 13 bytes: 0x00/snmplocation
1 packet captured
25 packets received by filter
0 packets dropped by kernel

Example LLDP (output may vary):

isilon-1# tcpdump -ni ix0 -v -s0 -c1 '(ether[12:2]=0x88cc)'
tcpdump: WARNING: ix0: no IPv4 address assigned
tcpdump: listening on ix0, link-type EN10MB (Ethernet), capture size 65535 bytes
18:12:46.442857 LLDP, length 282
		Chassis ID TLV (1), length 7
		Subtype MAC address (4): xy:xy:xy:xy:xy:xy
		Port ID TLV (2), length 13
		Subtype Interface Name (5): Ethernet1/13
		Time to Live TLV (3), length 2: TTL 120s
		Port Description TLV (4), length 12: isi_node
		System Name TLV (5), length xy: XXXXXX
		System Description TLV (6), length 161
		Cisco Nexus Operating System (NX-OS) Software ...truncated
		System Capabilities TLV (7), length 4
		System Capabilities [Bridge, Router] (0x0014)
		Enabled Capabilities [Bridge, Router] (0x0014)
		Management Address TLV (8), length 12
		Management Address length 5, AFI IPv4 (1): Y.Y.Y.Y
		Interface Index Interface Numbering (2): 1
		Organization specific TLV (127), length 5: OUI Unknown (0x000142)
		0x0000: 0001 XYXY XY
		Organization specific TLV (127), length 6: OUI Ethernet bridged (0x0080c2)
		Port VLAN Id Subtype (1)
		port vlan id (PVID): 1XX
		Management Address TLV (8), length 14
		Management Address length 7, AFI 802 (6): xy:xy:xy:xy:xy:xy
		Interface Index Interface Numbering (2): 1
		End TLV (0), length 0
1 packet captured
3 packets received by filter
0 packets dropped by kernel

Produse afectate

Isilon, PowerScale OneFS
Proprietăți articol
Article Number: 000157863
Article Type: How To
Ultima modificare: 31 Dec 2025
Version:  5
Găsiți răspunsuri la întrebările dvs. de la alți utilizatori Dell
Servicii de asistență
Verificați dacă dispozitivul dvs. este acoperit de serviciile de asistență.