Currently you have to search the entire forwarding database table because the SNMP key contains the MAC address while the SNMP value contains the port number:

snmpbulkwalk -c public -v 2c switch 1.3.6.1.2.1.17.4.3.1.2 | grep "INTEGER: 123"
0.34.107.48.216.142 = INTEGER: 123
^^^^^^^^^^^^^^^^^^^ MAC Address in decimal on port 123

Does a standard SNMP subtree containing a "Port -> MAC" association perhaps exist? Or is there a more efficient way to do this?

That way you would not have to snmpwalk the switch but could concisely query for a certain port, which would certainly alleviate the load on the switch's CPU and also accelerate the queries.


Background

I'm currently trying to find out what kind of burden a NAC (Network Access Control device) performing a MAC authentication would put on the devices.

Please don't tell me MAC auth is not secure. I know. But you have to start somehow.

I know you can also use RADIUS (which transmits the MAC address directly). Not sure, however, what would happen in that case when someone plugs in a "dumb" switch (= more than one device/MAC).

Let's stick to the fact that this would be a generic NAC that receives SNMP traps when the link comes up and then does its work.

  • A switch MAC address table is keyed by the MAC address because there will only be one port per MAC address, but ports can have multiple MAC addresses.
    – Ron Maupin
    Commented Mar 29, 2016 at 22:32

1 Answer

I guess the answer is that there is no answer, except that there is no standard that has stated this requirement.

Instead, you have to perform half a dozen lookups like this when you'd like to use SNMP or some management GUI (which often use SNMP in their backend), while the CLIs normally have a command ready to just show the addresses in one single step.
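As an added example (not code from the question or the answer): since dot1dTpFdbPort is indexed MAC -> port, the one walk shown in the question can be parsed and inverted into the Port -> MAC table being asked for, so later per-port lookups happen locally instead of re-walking the switch. The sample walk output is constructed (its first line is the one from the question); the parser assumes the numeric-suffix format shown above and also tolerates the symbolic OID prefix that snmpbulkwalk prints by default.

```python
import re
from collections import defaultdict

# Constructed sample of snmpbulkwalk output for dot1dTpFdbPort
# (1.3.6.1.2.1.17.4.3.1.2). The first line is the one from the question;
# the rest are made up for this example, including one non-FDB noise line.
SAMPLE_WALK = """\
0.34.107.48.216.142 = INTEGER: 123
0.34.107.48.216.143 = INTEGER: 7
SNMPv2-SMI::mib-2.17.4.3.1.2.0.80.86.1.2.3 = INTEGER: 7
1.3.6.1.2.1.17.4.3.1.2 = No Such Object available on this agent at this OID
0.1.2.3.4.5 = INTEGER: 124
"""

# The FDB index is the MAC as six decimal octets; the value is the bridge port.
FDB_LINE = re.compile(r"((?:\d{1,3}\.){5}\d{1,3}) = INTEGER: (\d+)\s*$")


def decimal_to_mac(suffix: str) -> str:
    """Turn an OID suffix such as 0.34.107.48.216.142 into 00:22:6b:30:d8:8e."""
    octets = [int(o) for o in suffix.split(".")]
    if len(octets) != 6 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a MAC address index: {suffix}")
    return ":".join(f"{o:02x}" for o in octets)


def invert_fdb(walk_output: str) -> dict[int, list[str]]:
    """Build the Port -> [MAC, ...] mapping from one dot1dTpFdbPort walk."""
    by_port: dict[int, list[str]] = defaultdict(list)
    for line in walk_output.splitlines():
        m = FDB_LINE.search(line)
        if not m:
            continue  # not an FDB entry (error text, truncated line): skip it
        by_port[int(m.group(2))].append(decimal_to_mac(m.group(1)))
    return {port: sorted(macs) for port, macs in by_port.items()}


def macs_on_port(by_port: dict[int, list[str]], port: int) -> list[str]:
    """Answer 'which MACs are on port N' from the inverted table."""
    return by_port.get(port, [])


def multi_mac_ports(by_port: dict[int, list[str]], limit: int = 1) -> dict[int, list[str]]:
    """Ports learning more than `limit` MACs, e.g. an unmanaged switch downstream."""
    return {p: m for p, m in by_port.items() if len(m) > limit}


if __name__ == "__main__":
    fdb = invert_fdb(SAMPLE_WALK)
    print("port 123:", macs_on_port(fdb, 123))
    print("ports with several MACs:", multi_mac_ports(fdb))
```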