represent IP address as OID - ip

How would I represent an IP address as an OID? Is there any subtree for generic IP addresses? I'd have expected something like { iso(1) org(3) dod(6) internet(1) protocols ip v4(4) address 127 0 0 1 } (for 127.0.0.1; 1.3.6.1 is the internet OID, but everything after that is just my example) but can't find it in the public repos.

As there seems to be no such method until now, I reserved the OID node 1.3.6.1.4.1.43892.1863.791.0.<ip> for this use, <ip> being an IPv4 address in dotted decimal representation.
So the OID for "127.0.0.1" (the example in my original question) would be: 1.3.6.1.4.1.43892.1863.791.0.127.0.0.1

Related

Last segment of IP Address

I am writing a pinging utility to check the connectivity. We have an IP range from X.X.X.0 - X.X.X.24
Ping X.X.X.08 - gives unknown host
Ping X.X.X.008- gives unknown host
Ping X.X.X.8 - gets successful response
How many digits should be there in the last octet?
But when I ping X.X.X.007 or X.X.X.07 or X.X.X.7, it works and I get a successful response.
Could someone shed some light on what I am missing?
This depends almost entirely on the implementation of your ping but the most likely cause is that the 08 is being treated as an octal number because it begins with 0.
And, since the valid octal digits are limited to 0..7, it assumes it's not a numeric IP address but instead a name to be looked up (in DNS, for example).
This octal behavior can be confirmed (under Windows) with the following transcript:
C:\Users\Pax> ping 192.168.1.061
Pinging 192.168.1.49 with 32 bytes of data:
Reply from 192.168.1.61: Destination host unreachable.
:
The 061 appears to have been treated as octal from the first line of the output, since 61₈ (6x8+1) = 49₁₀. The subsequent lines, though they claim to be pinging the .61 address, are lying. That's because that's my actual machine and, if I do it without the leading zero, it works fine:
C:\Users\Pax>ping 192.168.1.61
Pinging 192.168.1.61 with 32 bytes of data:
Reply from 192.168.1.61: bytes=32 time<1ms TTL=128
:
If the octal bit contains a non-octal digit, that's when it starts complaining about the host itself rather than it just not being reachable (or, worse, pinging the wrong machine):
C:\Users\Pax>ping 192.168.1.61
Pinging 192.168.1.61 with 32 bytes of data:
Reply from 192.168.1.61: bytes=32 time<1ms TTL=128
:
C:\Users\Pax>ping 192.0168.1.61
Ping request could not find host 192.0168.1.61.
Please check the name and try again.
Normally, it doesn't matter if you have X.X.X.001 or .01 or .1 for the last octet.
See my ping results on 192.168.0.1 and .01 and .001 => they all result to .1
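The octal reading shown in the transcript matters wherever an address string is checked by one component and resolved by another, because the two can disagree about which host is meant. The following added example (not from any of the answers) classifies a dotted quad as canonical, ambiguous or not an address; the function names and sample strings are constructed, and the hex branch covers inet_aton-style parsers beyond what the transcript shows.

```python
import re

def _octet(token, legacy):
    """Return the value of one dotted field, or None if it is invalid."""
    if re.fullmatch(r"0|[1-9][0-9]{0,2}", token):
        value = int(token, 10)            # canonical decimal, no leading zero
    elif legacy and re.fullmatch(r"0[0-9]+", token):
        try:
            value = int(token, 8)         # a leading 0 selects octal
        except ValueError:                # 8 and 9 are not octal digits
            return None
    elif legacy and re.fullmatch(r"0[xX][0-9a-fA-F]+", token):
        value = int(token, 16)            # 0x selects hex (not shown on the page)
    else:
        return None
    return value if value <= 255 else None

def parse(text, legacy=False):
    """Return the dotted-decimal form of a four-field address, or None."""
    fields = text.split(".")
    if len(fields) != 4:
        return None
    octets = [_octet(field, legacy) for field in fields]
    if any(octet is None for octet in octets):
        return None
    return ".".join(str(octet) for octet in octets)

def classify(text):
    """Separate canonical input from input that a legacy parser reads differently."""
    strict = parse(text)
    if strict is not None:
        return ("canonical", strict)
    loose = parse(text, legacy=True)
    if loose is not None:
        return ("ambiguous", loose)       # store and compare the normalised value
    return ("not-an-address", None)       # a resolver would treat it as a host name

# Constructed sample inputs; the first three mirror the transcript above.
SAMPLES = ["192.168.1.61", "192.168.1.061", "192.0168.1.61",
           "10.0.0.08", "10.0.0.007", "0x7f.0.0.1"]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{sample:16} {classify(sample)}")
```

An input validator or allowlist check can reject everything that is not "canonical", or compare only the normalised value returned for "ambiguous" input.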

extract ip address from sh ip int brief using interface name in tcl

I am new to TCL and Expect. I tried to extract the IP address of a particular interface using the interface name.
sample input:
Interface IP-Address OK? Method Status Protocol
Embedded-Service-Engine0/0 unassigned YES NVRAM administratively down down
GigabitEthernet0/0 unassigned YES NVRAM up up
GigabitEthernet0/0.10 10.1.1.1 YES NVRAM up up
GigabitEthernet0/0.20 20.1.1.2 YES NVRAM up up
GigabitEthernet0/1 192.168.2.1 YES NVRAM up up
GigabitEthernet0/2 192.168.1.1 YES NVRAM up up
I tried this,
regexp -line ^ $interfacename.*?(?=(?:\\..*?)?\\d{1,}) $temp
but it's not giving me any answers.... Can somebody help me with this?
You are trying to extract the IP address? Example, for "GigabitEthernet/1" you want 192.168.2.1, correct?
If yes:
% set interfacename GigabitEthernet0/1
GigabitEthernet0/1
% set re "^$interfacename\\s+(\[\\d.]+)"
^GigabitEthernet0/1\s+([\d.]+)
% regexp -inline -line $re $input
{GigabitEthernet0/1 192.168.2.1} 192.168.2.1
% regexp -line $re $input -> ip
1
% set ip
192.168.2.1
You don't need a lookahead here. Also, you don't want a space after the ^ character.

issues in Cisco 2960

I can get the switch status by using oid : .1.3.6.1.2.1.2.2.1.8
This displays all the ports with status up or down.
However, I want an oid to check the particular port, e.g. to check whether the 5th port is up or down.
Also, I want an oid to get the MAC Address & IP which is connected to a port, e.g. the MAC Address & IP of a PC which is connected to port 5.
The data about ports is stored in a MIB table. The table OID is .1.3.6.1.2.1.2.2.1, which means, that to get a specific piece of data you must query:
.1.3.6.1.2.1.2.2.1.X.Y
where X is the item index, and Y is the port index. For example the oid for the description of port 10101 is .1.3.6.1.2.1.2.2.1.2.10101:
$ snmpget -mall -v1 -c public <switch_ip> .1.3.6.1.2.1.2.2.1.2.10101
IF-MIB::ifDescr.10101 = STRING: GigabitEthernet0/1
To get all the data in the ports table you can query it like this:
$ snmpwalk -mall -v1 -c public <switch_ip> .1.3.6.1.2.1.2.2.1
To get MAC addresses on a specific port you can query the FDB in BRIDGE-MIB:
$ snmpwalk -mall -v1 -c public <switch_ip> .1.3.6.1.2.1.17.4.3.1.2
Since switching on 2960 is mostly a layer 2 operation, there is no way to get the corresponding IP addresses, unless you set it up as router.

Cannot bind to IPv6 address

I am facing a strange problem on my Ubuntu Karmic system.
When I call getaddrinfo() with AI_PASSIVE and AF_UNSPEC, for an empty host and the UDP 12000 port to get a bindable address, I only get back one IPv4 result (0.0.0.0:12000 for instance).
If I change my call and specify AF_INET6 instead of AF_UNSPEC, then getaddrinfo() returns "Name or service not known".
Shouldn't I get [::]:12000 as a result ?
The same thing happens if I set the host to ::1.
When I call getaddrinfo() without AI_PASSIVE (to get a "connectable" address) for the host "localhost" and the UDP 12000 port, I first get [::1]:12000 then 127.0.0.1:12000.
So apparently, my system is IPv6 ready (I can ping to both IPv4 and IPv6 addresses, as well as DNS resolution). But how is it that I can't get an IPv6 address to bind to with getaddrinfo() ?
Do you guys have any idea about what could be wrong ?
My OS is Ubuntu Karmic, fresh install without any networking tweaking.
Thank you.
P.S: If you have no idea but still want to help me, you can get this sample program or type:
wget http://people.apache.org/~jorton/gai.c
And give me the result of:
$ ./gai -ap null 12000
My result is:
$ ./gai -ap null 12000
getaddrinfo(NULL, "12000", {.family=AF_UNSPEC, .hints=0|AI_ADDRCONFIG|AI_PASSIVE}) = 0:
family= 2, proto= 6 inet4: addr=0.0.0.0, port=12000
There you can see that I only have one IPv4 result.
This happens on new systems that use eglibc: debian-glibc.
Apparently, there is a bug that requires you to set at least one valid IPv6 address to one of your network interfaces (the loopback doesn't count).
After I did this:
$ sudo ip -6 addr add 2001:660:4701:1001::1 dev eth0
I have:
$ ./gai -ap null 12000
getaddrinfo(NULL, "12000", {.family=AF_UNSPEC, .hints=0|AI_ADDRCONFIG|AI_PASSIVE}) = 0:
family= 2, proto= 6 inet4: addr=0.0.0.0, port=12000
family=10, proto= 6 inet6: addr=::, port=12000, flowinfo=0
I hope this can help someone.

how to find host name from IP without logging in to the host

I need to find the host name of a UNIX host whose IP is known, without logging in to that UNIX host.
Use nslookup
nslookup 208.77.188.166
...
Non-authoritative answer:
166.188.77.208.in-addr.arpa name = www.example.com.
You can do a reverse DNS lookup with host, too. Just give it the IP address as an argument:
$ host 192.168.0.10
server10 has address 192.168.0.10
Another NS lookup utility that can be used for reversed lookup is dig with the -x option:
$ dig -x 72.51.34.34
; <<>> DiG 9.9.2-P1 <<>> -x 72.51.34.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12770
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1460
;; QUESTION SECTION:
;34.34.51.72.in-addr.arpa. IN PTR
;; ANSWER SECTION:
34.34.51.72.in-addr.arpa. 42652 IN PTR sb.lwn.net.
;; Query time: 4 msec
;; SERVER: 192.168.178.1#53(192.168.178.1)
;; WHEN: Fri Jan 25 21:23:40 2013
;; MSG SIZE rcvd: 77
or
$ dig -x 127.0.0.1
; <<>> DiG 9.9.2-P1 <<>> -x 127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11689
;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;1.0.0.127.in-addr.arpa. IN PTR
;; ANSWER SECTION:
1.0.0.127.in-addr.arpa. 10 IN PTR localhost.
;; Query time: 2 msec
;; SERVER: 192.168.178.1#53(192.168.178.1)
;; WHEN: Fri Jan 25 21:23:49 2013
;; MSG SIZE rcvd: 63
Quoting from the dig manpage:
Reverse lookups -- mapping addresses to names -- are simplified by the
-x option. addr is an IPv4 address in dotted-decimal notation, or a colon-delimited IPv6 address. When this option is used, there is no
need to provide the name, class and type arguments. dig automatically
performs a lookup for a name like 11.12.13.10.in-addr.arpa and sets
the query type and class to PTR and IN respectively.
For Windows ping -a 10.10.10.10
For Windows, try:
NBTSTAT -A 10.100.3.104
or
ping -a 10.100.3.104
For Linux, try:
nmblookup -A 10.100.3.104
They are almost same.
It depends on the context. I think you're referring to the operating system's hostname (returned by hostname when you're logged in). This command is for internal names only, so to query for a machine's name requires different naming systems. There are multiple systems which use names to identify hosts including DNS, DHCP, LDAP (DN's), hostname, etc. and many systems use zeroconf to synchronize names between multiple naming systems. For this reason, results from hostname will sometimes match results from dig (see below) or other naming systems, but often times they will not match.
DNS is by far the most common and is used both on the internet (like google.com. A 216.58.218.142) and at home (mDNS/LLMNR), so here's how to perform a reverse DNS lookup: dig -x <address> (nslookup and host are simpler, provide less detail, and may even return different results; however, dig is not included in Windows).
Note that hostnames within a CDN will not resolve to the canonical domain name (e.g. "google.com"), but rather the hostname of the host IP you queried (e.g. "dfw25s08-in-f142.1e100.net"; interesting tidbit: 1e100 is 1 googol).
Also note that DNS hosts can have more than one name. This is common for hosts with more than one webserver (virtual hosting), although this is becoming less common thanks to the proliferation of virtualization technologies. These hosts have multiple PTR DNS records.
Finally, note that DNS host records can be overridden by the local machine via /etc/hosts. If you're not getting the hostname you expect, be sure you check this file.
DHCP hostnames are queried differently depending on which DHCP server software is used, because (as far as I know) the protocol does not define a method for querying; however, most servers provide some way of doing this (usually with a privileged account).
Note DHCP names are usually synchronized with DNS server(s), so it's common to see the same hostnames in a DHCP client lease table and in the DNS server's A (or AAAA for IPv6) records. Again, this is usually done as part of zeroconf.
Also note that just because a DHCP lease exists for a client, doesn't mean it's still being used.
NetBIOS for TCP/IP (NBT) was used for decades to perform name resolution, but has since been replaced by LLMNR for name resolution (part of zeroconf on Windows). This legacy system can still be queried with the nbtstat (Windows) or nmblookup (Linux).
python -c "import socket;print(socket.gethostbyaddr('127.0.0.1'))"
if you just need the name, no additional info, add [0] at the end:
python -c "import socket;print(socket.gethostbyaddr('8.8.8.8')[0])"
The other answers here are correct - use reverse DNS lookups.
If you want to do it via a scripting language (Python, Perl) you could use the gethostbyaddr API.
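A PTR record is published by whoever controls the reverse zone for the address, so a name returned by the reverse lookups above is a claim until a forward lookup of that name returns the same address. The following added example (not from any of the answers) performs that forward-confirmed check; the function names and the SAMPLE_PTR and SAMPLE_A tables are constructed for illustration, and the resolvers are injectable so the logic runs offline.

```python
import ipaddress
import socket

def system_reverse(ip):
    """PTR lookup through the system resolver; returns a list of names."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except OSError:                      # covers socket.herror and socket.gaierror
        return []
    return [name, *aliases]

def system_forward(name):
    """A/AAAA lookup through the system resolver; returns address strings."""
    try:
        infos = socket.getaddrinfo(name, None)
    except OSError:
        return []
    return sorted({info[4][0] for info in infos})

def confirmed_names(ip, reverse=system_reverse, forward=system_forward):
    """Split the PTR names of ip into (confirmed, unconfirmed) lists."""
    target = ipaddress.ip_address(ip)
    confirmed, unconfirmed = [], []
    for name in reverse(ip):
        addresses = set()
        for text in forward(name):
            try:
                # Drop an IPv6 zone suffix such as %eth0 before comparing.
                addresses.add(ipaddress.ip_address(text.split("%")[0]))
            except ValueError:
                continue
        (confirmed if target in addresses else unconfirmed).append(name)
    return confirmed, unconfirmed

# Constructed sample zone data (documentation address range 192.0.2.0/24).
SAMPLE_PTR = {"192.0.2.10": ["server10.example.com."],
              "192.0.2.66": ["www.example.com."]}
SAMPLE_A = {"server10.example.com.": ["192.0.2.10"],
            "www.example.com.": ["192.0.2.1"]}

def sample_check(ip):
    """Run the check against the constructed tables instead of live DNS."""
    return confirmed_names(ip,
                           reverse=lambda addr: SAMPLE_PTR.get(addr, []),
                           forward=lambda name: SAMPLE_A.get(name, []))
```

Calling confirmed_names(ip) with the default arguments uses the system resolver, which also honours /etc/hosts as noted above.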
If you are specifically looking for a Windows machine, try below command:
nbtstat -a 10.228.42.57
You can use traceroute command as well.
http://linux.die.net/man/8/traceroute
Just use traceroute; it will show you the routing path with host names (IPs resolved).
In most cases, traceroute command works fine. nslookup and host commands may fail.

Resources