You need to look at the respective routers ARP tables for that information. Hosts employing SNMP or WMI may be able to be queried for more information, so that might form the basis of a discovery script (after an initial nmap scan to determine IP addresses of connected hosts present). Another ‘hybrid’ option might be to have a host (eg Raspberry Pi) in each subnet that can collect the IP and MAC addresses and share these to your Linux machine via some method.
SNMP is anything but easy.
I have read some tutorials but I don’t see by what to begin.
I have installed munin but I don’t know if it is usefull.
I don’t understand the relationship between snmp and mibs.
I suppose that I must enable and configure snmp on each router.
I need some tutorials on SNMP which should be more developed in the explanations than the one’s i read.
Because these are routing devices, then each network has its own unique NetworkID.
Simplest is to simply run a network scanner against that particular network, as long as the device doing the scanning can “see” the network, everything about the found machines should be retrievable including IP addresses and MAC addresses (can also be anything and everything else the machine is willing to divulge).
SNMP is the protocol (ie Simple Network Management Protocol).
The MIB is the database used to define and store the specific metrics desired. MIBs are generally published for specific needs on particular devices, then SNMP applications can query the device for that information. As you’ve noticed, if you don’t install the kind of MIB you want on that particular device, then that device, you won’t be able to use SNMP to query that device.
As I described, it’s not really the best approach for the question you asked, but SNMP is more often used manage (display readings, make changes to) network devices.
I’ve already mentioned the router inspection approach. You haven’t’ really illuminated what access you have to these networks, hence we’re left to speculate. The suggestion to use nmap won’t help with respect to MAC addresses of hosts connected to other networks. My last suggestion about using a monitoring device within each network that you can connect to is probably the most pragmatic way to get collated IP/MAC information.
While it wouldn’t be my first approach either, I have seen such methods employed to derive such information via the use of snmpwalk interrogation switches and routers connected to remote networks.
Is there an internet terminating device (as might be used to terminate an optical dircuit) with multiple isolated Ethernet ports, connected to the WAN ports of each of the three routers?
Or is there a single (e.g. DSL) feed to the modem port of router-0, with router-0 having multiple Ethernet ports configured as a LAN switch, and two of these LAN ports connected to the WAN ports of router-A and router-B? This means that router-0 must be configured with three local network addresses (e.g. eth0:2 192.168.2.1/24, eth0:3 192.168.3.1/24 and eth0:4 192.168.4.1/24) if it is to act as an Internet gateway for the three LANs.
In the latter case the putative Linux host can be furnished with an IP similar to 192.168.4.x/21. This would enable it to reach (e.g. ping) all devices on all three LANs. Then something like
# arp-scan 192.168.0.0/21
would discover all connected interfaces on the three LANs (subnets). (If you had used 192.168.1/24, 192.168.2/24 and 192.168.3/24 you would only have to scan 192.168.0.0/22)
You can query the target for MAC addresses which is different than detecting the address as reported by the network connection which is what you’re suggesting here and is the basis of the post by @eng-int.
Best to wait until the OP clarifies network topolgy and access rights before speculating further, but I’ve already suggested how MAC addresses can be discovered on a remote subnet assuming an administrator POV.
Network topology is not absolutely necessary beyond what he already described.
I don’t remember the exact scanner I used long ago, but a simple survey of scanners that do retrieve the MAC address of target hosts tell us how it’s done…
The most obvious method first that works only when on the same physical network is what you describe which is to simply ping all the hosts in the same network and read the network connection properties off each successful network connection, this will succeed no matter whether the target machines are willing to reveal any more information than is necessary.
All scanners that retrieve information like MAC addresses from targets in remote networks have to be queried for the information and depending on the security level of the target, may or may not be willing to respond to such queries… So one way is as you describe which is to authenticate using SNMP. There are other ways to authenticate including LDAP, Active Directory, knowing the specific login credentials of the remote machine, and so on… You should get the idea. Once the scanner can log into the remote target, the machine can be asked to do various things to provide more info than usual including the topic of this thread which is the MAC address… So for instance the scanner might request the target to run ifconfig or ipconfig/WMI and return the results.
Needless to say, careless security or security which allows easy access in some way can unintentionally enable things like getting the MAC address easily.
Another way that was described is pretty obvious but may not apply here… You can install an agent running either on each remote host or on a single host in the remote network that does the work for you. I’ve done that a few times setting up Nagios. An agent may already be running on the remote network like a DHCP server or a Residential Gateway or Access Point which will have all the MAC addresses for the clients they serve.
Another way I’ve gotten remote addresses of machines on public networks is that ISPs often assign names to their customers that include the MAC and/or IP address for internal management purposes and those names are easily discoverable, I assume no one does that regularly in their own private network.
Tsu - you haven’t told me anything I do not already know, and already hinted at in my previous replies.
Once the scanner can log into the remote target, the machine can be asked to do various things to provide more info than usual including the topic of this thread which is the MAC address… So for instance the scanner might request the target to run ifconfig or ipconfig/WMI and return the results.
Needless to say, careless security or security which allows easy access in some way can unintentionally enable things like getting the MAC address easily.
Another way that was described is pretty obvious but may not apply here… You can install an agent running either on each remote host or on a single host in the remote network that does the work for you. I’ve done that a few times setting up Nagios. An agent may already be running on the remote network like a DHCP server or a Residential Gateway or Access Point which will have all the MAC addresses for the clients they serve.
As I already suggested (posts #2 and #7 without the verbosity)!
Yes, I’m sure that what I ended up describing was known to you, however the point I felt needed to be made is that SNMP and MiBs aren’t the only way or even necessarily the most common way for non-enterprise Users to collect MAC addresses.
Although my initial comment about querying the target for the info was maybe too brief to be easily understood, the additional examples and methods I described might help less experienced Users.
Although my initial comment about querying the target for the info was maybe too brief to be easily understood, the additional examples and methods I described might help less experienced Users.
~ # nmap -sP 192.168.2.0/24
Starting Nmap 6.47 ( http://nmap.org ) at 2019-02-03 16:21 CET
Nmap scan report for 192.168.2.42
Host is up (0.0014s latency).
Nmap scan report for 192.168.2.200
Host is up (0.032s latency).
Nmap done: 256 IP addresses (2 hosts up) scanned in 9.20 seconds
Run on root console from subnet 3 ( from wher I am )
Nothing about mac address nor hostname; seems because that does not cross router.
Internet come to router 1.
On router 1
One port is for subnet 1; there is some device on subnet 1 with address 192.168.2.xxx
One port is connected to router 2
On router 2
One port is for subnet 2; there is some device on subnet 2 with address 192.168.3.xxx
One port is connected to router 3
On router 3 network addresses is 192.168.4.xxx
This is where I am connected.
THis is from where I would like to get device name, IP, and mac address.
tsu2;2892995 Wrote:
> Something like nmap can return results in tabular form.
> If you want a scan displayed graphically, you can run something like
> EtherApe.
>
> I wouldn’t scan for something like SNMP, you’re only querying members
> of the SNMP organization.
>
> TSU
Code:
~ # nmap -sP 192.168.2.0/24
Starting Nmap 6.47 ( http://nmap.org ) at 2019-02-03 16:21 CET
Nmap scan report for 192.168.2.42
Host is up (0.0014s latency).
Nmap scan report for 192.168.2.200
Host is up (0.032s latency).
Nmap done: 256 IP addresses (2 hosts up) scanned in 9.20 seconds
Run on root console from subnet 3 ( from wher I am )
Nothing about mac address nor hostname; seems because that does not
cross router.
Hi
So are all three routers capable of snmp?
–
Cheers Malcolm °¿° SUSE Knowledge Partner (Linux Counter #276890)
SLES 15 | GNOME Shell 3.26.2 | 4.12.14-25.25-default
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below… Thanks!
