Home > fabricpath, nexus > Find the port a host is connected to in a Fabricpath fabric

Find the port a host is connected to in a Fabricpath fabric

Finding a host in a CE (Classic Ethernet) switched datacenter is a simple matter of showing the MAC address table on a switch and following the port that MAC is seen on until you end up at an access layer switch the host you are looking for is connected to. The command “show mac-address address aaaa.bbbb.cccc results in a nice easy to read output as such:
 

# sh mac address-table address 90e2.ba5b.3f90
Legend: 
        * - primary entry, G - Gateway MAC, (R) - Routed MAC, O - Overlay MAC
        age - seconds since last seen,+ - primary entry using vPC Peer-Link,
        (T) - True, (F) - False
   VLAN     MAC Address      Type      age     Secure NTFY Ports/SWID.SSID.LID
---------+-----------------+--------+---------+------+----+------------------
* 800      90e2.ba5b.3f90    dynamic   30         F    F  Po1118

 

As you can see, we get the VLAN and what port the MAC shows up on. Now, when we do the same thing in a Fabricpath topology, we get a little different results. I am running this command from one of my spine switches in the Fabricpath topology. (I’m also using a different MAC as I’m on a different switch running Fabricpath):
 

# sh mac address-table address 000c.29af.42a7
Legend: 
        * - primary entry, G - Gateway MAC, (R) - Routed MAC, O - Overlay MAC
        age - seconds since last seen,+ - primary entry using vPC Peer-Link,
        (T) - True, (F) - False
   VLAN     MAC Address      Type      age     Secure NTFY Ports/SWID.SSID.LID
---------+-----------------+--------+---------+------+----+------------------
  100      000c.29af.42a7    dynamic   0          F    F  1002.0.0

 
Now, instead of the port the MAC address is seen on we get three numbers separated by decimal points. Lets go over what these are. The numbers correspond to the SWID – Switch ID, SSID – Sub Switch ID and LID – Local ID. The SWID is a unique value assigned per switch what ISIS uses to route traffic within the fabric. The SSID is used when VPC+ is configured and is locally significant to each switch. More specifically, it is used to specify exactly what VPC+ port-channel to forward traffic on to reach its destination. Finally, there is the LID also know as the Port ID. This identifies the physical port that traffic was sourced from or is destined to and is also locally significant to each switch in the fabric.

The entry we are most concerned with is the SWID as this will be the destination switch traffic is being routed to and thus will be the switch our host we are trying to find is connected to. In order to find that switch, lets find out what port (or ports) the switch is accessible by. To do this we show the Fabricpath route for the SWID in question. I am running this command from one of my spine switches in the Fabricpath topology.
 

#sh fabricpath route switchid 1002
FabricPath Unicast Route Table
'a/b/c' denotes ftag/switch-id/subswitch-id
'[x/y]' denotes [admin distance/metric]
ftag 0 is local ftag
subswitch-id 0 is default subswitch-id


FabricPath Unicast Route Table for Topology-Default

1/1002/0, number of next-hops: 2
        via Eth1/1, [115/10], 97 day/s 21:40:34, isis_fabricpath-default
        via Eth2/1, [115/10], 54 day/s 10:45:17, isis_fabricpath-default

 
Looks like SWID 1002 is accessable via Eth1/1 and Eth1/2. Usually, a switch ID will have only one next hop per spine switch but int this case, the switch ID 1002 is actually a vpc Fabricpath switch ID associated with a vpc pair of switches thus it is reachable from either switch in the pair. No matter as the next step is the same regardless. We need to figure out what switch that is and its management IP so we can continue on our way. I will do this by showing the CDP neighbor info of one of the ports listed.
 

# sh cdp neighbor int e1/1 detail
----------------------------------------
Device ID:5f-n6001-a(abcdef12345)
System Name: 5f-n6001-a

Interface address(es):
    IPv4 Address: 10.18.0.14
Platform: N6K-C6001-64P, Capabilities: Router Switch IGMP Filtering Supports-STP-Dispute
.....
MTU: 1500
Physical Location: snmplocation
Mgmt address(es):
    IPv4 Address: 10.18.252.14

 
I cut some of the output but you see we have the management IP’s of the device so lets get on there and check the MAC address table to see if our host is connected to a port that is on this switch.
 

5f-n6001-a# sh mac address-table address 000c.29af.42a7
Legend: 
        * - primary entry, G - Gateway MAC, (R) - Routed MAC, O - Overlay MAC
        age - seconds since last seen,+ - primary entry using vPC Peer-Link
   VLAN     MAC Address      Type      age     Secure NTFY   Ports/SWID.SSID.LID
---------+-----------------+--------+---------+------+----+------------------
* 100      000c.29af.42a7    dynamic   0          F    F   Po200

 
Looks like our host is connected to this switch in the fabric on port channel 200. We can now show what ports are bundled in the port channel to get the physical ports our host is connected to.
 

5f-n6001-a# sh port-channel summary int po200
Flags:  D - Down        P - Up in port-channel (members)
        I - Individual  H - Hot-standby (LACP only)
        s - Suspended   r - Module-removed
        S - Switched    R - Routed
        U - Up (port-channel)
        M - Not in use. Min-links not met
--------------------------------------------------------------------------------
Group Port-       Type     Protocol  Member Ports
      Channel
--------------------------------------------------------------------------------
200   Po200(SU)   Eth      LACP      Eth1/25(P)

 

So in summary, we looked up the MAC of the host we were searching for which returned a SWID that is the source/destination of traffic to/from that MAC address. Looked up the Fabricpath route to that SWID which gave us the port(s) that the switch ID is reachable via. Then we obtained the management address of the switch on the other side of those ports and checked to see if the MAC we were looking for was directly connected to that switch. If so, then we get a port that the MAC is seen on. If not, then we would have gotten another SWID.SSID.LID and gone from there.

Advertisements
Categories: fabricpath, nexus
  1. April 8, 2015 at 3:36 pm

    Great article! We are linking to this great article on our website.
    Keep up the great writing.

  2. July 29, 2015 at 10:14 am

    This worked great and taught me a thing or two about tracing through fabricpath. Thanks!

  3. Srini
    July 29, 2015 at 1:16 pm

    This is a great doc and very useful in tracing down the host in a fabric path

  4. chimpoo
    August 21, 2015 at 11:38 pm

    excellent doc! simple and extremely helpful! a big thanks!

    • August 22, 2015 at 11:14 am

      Thanks. I’m glad you found it useful.

  5. prasanth
    October 1, 2015 at 12:50 am

    Amazing work. Really helpful

  6. Thirunavukkarasu
    December 27, 2015 at 2:19 pm

    Superb example… Superb explanation… to trace the “host connected port” in fabricpath… Thanks a lot..

  7. Thirunavukkarasu
    December 27, 2015 at 2:22 pm

    Superb explanation… Thanks a lot…

  8. dlue
    May 8, 2016 at 4:10 pm

    Excuse me, but I think we can “cut off” a little bit our research whit the following commands:
    # sh mac address-table address 000c.29af.42a7
    # sh fabricpath switch-id 1002 (use to find the system-id mac address)
    # sh fabricpath isis hostname (usefull to find hostname based on system-id mac address)

    It is more easy to find “end host” but we need to active “hostname dynamic” on global fabricpath config for the entire fabricpath domain.

    Regards,
    dlue

  9. Mahesh Tangeda
    June 28, 2016 at 11:08 pm

    Very useful article for troubleshooting…..Thanks

  10. aaaa
    July 20, 2017 at 2:15 am

    thanks

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: