Help to get a network map

THE.ALFISTITHE.ALFISTI Member Posts: 11 ■□□□□□□□□□
icon_cry.gif Hi Masters

I'm assigned to draw a factory network map.
There is a core , distribution and access layers , the old administrator did not left any map or something to help.
Seen the approach of deadline I'm searching for a tool that can give the existing map or to let me do a network discovery by the end to have the MAP requested.

My unique tools are the Cisco commands like : sh cd neighbors / detail or sh int br

Thanks for understanding


  • sratakhinsratakhin Member Posts: 818
    That's all you need. I was looking for software that will draw the network topology, but the resulting maps were barely useful. Also, if you have devices that don't support CDP/LLDP, just use sh mac command. If there are multiple MAC addresses, there is a switch or hub attached. Check its MAC address and find out what brand it is.
  • HondabuffHondabuff Member Posts: 667 ■■■□□□□□□□
    Try Angry IP scanner.
    “The problem with quotes on the Internet is that you can’t always be sure of their authenticity.” ~Abraham Lincoln
  • THE.ALFISTITHE.ALFISTI Member Posts: 11 ■□□□□□□□□□
    Thanks for your reply.
    All the PARC is composed by cisco switches some 3750 and 2960 onces. But i'm astonsihed a switch is having 3 ip addresses.
    I'm using Putty as tool to get the run config on the switches.

    the command to know the stack switches please
  • sratakhinsratakhin Member Posts: 818
    Probably management IP addresses used on different VLANs.
  • THE.ALFISTITHE.ALFISTI Member Posts: 11 ■□□□□□□□□□
    Hi Sratakhin
    i did not get you , if Vlans , yeah there are many ones.
    Ok what is the best command to troubleshoot a switch i'm nearby dead with this mission

    i used IP angry , i'm not so happy ; the best is scanning a scope of dhcp from Ad server.
    by searching i've find solarwind ?
    Have some one used it before ?

    help is much appreciate
  • sratakhinsratakhin Member Posts: 818
    The best commands are CDP (for Cisco and some HPs) and LLDP (for other vendors). Then log in to the switches it found and repeat the process until you have the complete map.
    Solarwinds is great for monitoring, but check out their pricing. They have a tool for mapping networks, but it produced a really weird map when I used it.
  • THE.ALFISTITHE.ALFISTI Member Posts: 11 ■□□□□□□□□□
    Please am i wrong by doing this ?
    1- i log on into a switch
    2- get the running config
    3- launch command sh cdp neighbors
    4- then sh intervlan command to see the vlans and their IP scope
    are my steps correct or not ?
    ok please is there a way that can help me to be more quick ?
  • azaghulazaghul Member Posts: 569 ■■■■□□□□□□
    I had to do the same recently in 3 data centres: 6509 core switches, 3750 distribution/access switches, 29x0 management switches, 3xxx blade switches, nexus 5548 switches & extenders, F5 load balancers, ASA, Juniper.

    Those steps are about the same as I followed;

    show run
    show cdp neighbours
    show cdp neighbours detail
    show vlan brief
    show inventory

    Angry IP and the like will work in some cases, but then it comes down to company security polices for network detection software.

    show cdp neighbours (detail) will only get you so far (if it is enabled), as I unfortunately found out only an eyeball is fully effective (easier if all cables are labeled), just very tedious

    show inventory works well for stacked switches, shows how many and what IOS

    once complete, don't forget to add an interface description for all links.
  • THE.ALFISTITHE.ALFISTI Member Posts: 11 ■□□□□□□□□□
    Hi Azaghul

    thks for the commands , i've 9 site to documents , it's not easy to do that.
    also i found errors on switch names
    in my office , SNMP is not enabled so i can not use tools like solarwind

    is there any other tool that can help ?
  • azaghulazaghul Member Posts: 569 ■■■■□□□□□□
    No tools I can think of that don't use SNMP. icon_sad.gif

    Before getting too deep into the mapping, it pays in the long run to have a set of standards for all devices:

    interface descriptions
    local passwords

    These settings you can drop into each config as you go. Yep, its a chore, but in the long run it will make life much easier to monitor the network.

    It also helps starting at the branch offices, smaller sites to get your processes down pat.
  • sratakhinsratakhin Member Posts: 818
    Local passwords... to much hassle to change them when needed. If you want to go as far as putting the interfaces' descriptions, set up a simple RADIUS server for authentication. Windows Server with IAS is pretty easy.
  • azaghulazaghul Member Posts: 569 ■■■■□□□□□□
    sratakhin wrote: »
    Local passwords... to much hassle to change them when needed. If you want to go as far as putting the interfaces' descriptions, set up a simple RADIUS server for authentication. Windows Server with IAS is pretty easy.

    True, but you still need a fallback solution if all else fails. And if he has to login to every device, might as well get as much bang for buck in the way of standard config. Just my 2c...
Sign In or Register to comment.