Generating a Report of ARP Table Information


You need to extract the ARP table from one of your routers to determine the MAC address associated with a particular IP address or the IP address for a particular MAC address.


The script in Example 2-3, arpt.pl, extracts the ARP table for a specified router or IP address and displays the results to standard output. The script expects to find a hostname or IP address of a router on the command line.

Example 2-3. arpt.pl

# arpt.pl -- a script to extract the ARP cache from a router. 
#Set behavour
$snmpwalk="/usr/local/bin/snmpwalk -v 1 -c $snmpro";
$snmpget="/usr/local/bin/snmpget -v 1 -c $snmpro";
chomp ($rtr=$ARGV[0]);
if ( $rtr eq "" ) {die "$0: Must specify a router 
@iftable=Q$snmpwalk $rtr ifDescrQ;
for $ifnum (@iftable) {
 chomp (($intno, $intname) = split (/ = /, $ifnum));
printf ("%-22.22s %-10.10s %-25.25s
", Address, MAC, Interface);
@atTable=Q$snmpwalk $rtr .;
for $atnum (@atTable) {
 chomp (($atip, $atint) = split (/ = /, $atnum));
 $atip =~ s/.*atIfIndex.[0-9]+.1.//;
 $atphys=Q$snmpget $rtr atPhysAddress.$atint.1.$atipQ;
 chomp(($foo, $phys) = split(/: /, $atphys));
 $phys=~s/ /-/gi; chop ($phys);
 printf ("%-15.15s %17.17s %-25.25s
", $atip, $phys, $int);


The arpt.pl script extracts the ARP table from a specific router using SNMP and displays it to standard output. The script requires Perl and NET-SNMP, and it expects to find both in the /usr/local/bin directory. For more information on Perl or NET-SNMP, please see Appendix A.

Before using the script, you need to set the SNMP read-only community string, which is contained in the variable $snmpro:

Freebsd% ./arpt.pl toronto
Address MAC Interface 00-01-96-70-b7-81 FastEthernet0/1 00-01-96-70-b7-81 FastEthernet0/1 00-01-96-70-b7-81 FastEthernet0/1 00-10-4b-09-57-00 FastEthernet0/0.1 00-01-96-70-b7-80 FastEthernet0/0.1 00-00-0c-92-bc-6a FastEthernet0/0.1 00-00-0c-07-ac-01 FastEthernet0/0.1 00-01-96-70-b7-80 FastEthernet0/0.2 00-00-0c-07-ac-00 FastEthernet0/0.2

The script creates a simple report, including the IP address, MAC address, and interface name of each ARP entry. You can then use a search utility of some kind to locate specific devices by its IP or MAC address. For example, on a Unix server, you could pipe the output to the grep command, as follows:

Freebsd% ./arpt.pl toronto | grep 00-01-96-70-b7-80 FastEthernet0/0.1

The ARP tables on large routers can be quite large, which can make locating a single ARP entry difficult. This script allows you to track down a particular device remotely. You could also use the grep utility to find the IP address of a particular known MAC address:

Freebsd% ./arpt.pl toronto | grep 00-10-4b-09-57-15 00-10-4b-09-57-15 FastEthernet0/0.1

This script only queries open standard SNMP MIBS, so you can use it to extract ARP table information from almost any SNMP enabled device, even nonCisco equipment.

See Also

Appendix A

Router Configuration and File Management

Router Management

User Access and Privilege Levels


IP Routing





Frame Relay

Handling Queuing and Congestion

Tunnels and VPNs

Dial Backup

NTP and Time


Router Interfaces and Media

Simple Network Management Protocol





First Hop Redundancy Protocols

IP Multicast

IP Mobility




Appendix 1. External Software Packages

Appendix 2. IP Precedence, TOS, and DSCP Classifications


Cisco IOS Cookbook
Cisco IOS Cookbook (Cookbooks (OReilly))
ISBN: 0596527225
EAN: 2147483647
Year: 2004
Pages: 505

Similar book on Amazon

Flylib.com © 2008-2020.
If you may any questions please contact us: flylib@qtcs.net