2019年10月16日
tcpdump抓包分析LLDP协议
有时候需要知道服务器连接到了哪个交换机的哪个端口。这是如果连接的交换机支持LLDP或CDP协议,并启用了该协议。那我们就可以用过tcpdump来抓取物理连接信息。
http://noops.me/?p=1184 一个采集服务器所接交换机端口信息的脚本(支持CISCO和H3C的交换机)- 使用tcpdump分析lldp协议报文
http://mini.eastday.com/mobile/190324021029603.html# 使用tcpdump抓取LLDP包得到网络拓扑
对于LLDP,协议号是0x88cc。tcpdump抓一个包就够了。
tcpdump -i eth0 ether proto 0x88cc -A -s0 -t -c 1
从tcpdump只能粗略看报文中的asc码,详细的LLDP报文可以保存下来,用wireshark看。
上联S5720,配置了vlan
VLAN 0001不是指vlan 1,而是vlan的名字,vlan id是100。具体可以用wireshark查看。
#tcpdump -i eth0 ether proto 0x88cc -A -s0 -t -c 1 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes LLDP, length 362: ASW-A002-A07-S-1 ....3.......GigabitEthernet0/0/41...x.."Link_to_xxx_Server" .ASW-A002-A07-S-1..S5720-52P-LI-AC Huawei Versatile Routing Platform Software VRP (R) software, Version 5.170 (S5720 V200R011C10SPC600) Copyright (C) 2000-2018 HUAWEI TECH Co., Ltd........... .%.....9...+.....[..)............ ................. VLAN 0001. .....|............. ...............$... 1 packet captured 1 packet received by filter 0 packets dropped by kernel
上联CE6855,端口没有配置vlan
可以看见交换机名、端口名、端口描述、版本号。
#tcpdump -i eth0 ether proto 0x88cc -A -s0 -t -c 1 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes LLDP, length 341: ASW-VM-G1-1 ...$.m......10GE1/0/33...x.."Link_to_server#1" .ASW-VM-G1-1..Huawei Versatile Routing Platform Software VRP (R) software, Version 8.150 (CE6855HI V200R002C50SPC800) Copyright (C) 2012-2017 Huawei Technologies Co., Ltd. HUAWEI CE6855-48S6Q-HI .......... .X.....=...+.....[..)....................... .......... ...............$... 1 packet captured 13 packets received by filter 0 packets dropped by kernel
上联CE6855,配置了vlan
这里的VLAN10是指vlan id 10。
#tcpdump -i eth0 ether proto 0x88cc -A -s0 -t -c 1 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes LLDP, length 332: ASW-A002-A01 ...`....1. .10GE1/0/1...x .ASW-A002-A01..Huawei Versatile Routing Platform Software VRP (R) software, Version 8.150 (CE6855HI V200R002C50SPC800) Copyright (C) 2012-2017 Huawei Technologies Co., Ltd. HUAWEI CE6855-48S6Q-HI .......... }r.....>...+.....[..)............ .......... .VLAN10. .......... ...............$... 1 packet captured 69 packets received by filter 22 packets dropped by kernel