Quote:
Originally Posted by DrLove73
Is it possible in RHEL (or Linux in general), if you do not know the IP of the unit in question, to set something like an arp cache entry and ping or ssh to that unit?
The idea is to plug a wireless router brought in for repair/check into a LAN switch and avoid having to look for the IP that is set on that router; instead, just add an arp cache entry
Code:
arp -n -s <IP> <MAC>
and ping the given IP.
The above command (tested on routers already in arp cache) hasn't worked.
Does anybody know a way and possible caveats?
I can tell you why this doesn't work, and then give you two simple suggestions you can try.
Why it doesn't work--
If you add an entry to your arp cache and then ping (icmp echo), or attempt to open a tcp/ip connection (ssh, or any other app), a packet will be formed and sent out the appropriate interface that has
1) the MAC address (that you presumably read off a sticker) in the destination of the MAC header;
2) your "invented" IP address in the destination field of the IP header.
Assuming the MAC address is correct and the device is on the network of the interface the packet was sent out on, it will be delivered to that device.
The problem you run into is that the packet is unicast to a specific IP address. When the packet is read in, the device looks at it and says "that IP is not one that belongs to me" and will then just drop it. Just as mac.tieu said.
I have seen devices (print servers) that, before they were configured, would assume the destination IP address of the first unicast packet sent to them as their own temporary IP address. You could then connect to it and configure it as you wished. Neat trick. Won't help you here. Possibly similar to what was alluding to.
For reference by others, I did the same experiment.
Code:
[root@athlonz ~]# arp -n -s 192.168.1.149 00:50:43:01:cc:ce
[root@athlonz ~]# arp -n
Address HWtype HWaddress Flags Mask Iface
192.168.1.149 ether 00:50:43:01:cc:ce CM eth0
192.168.1.1 ether 00:1d:7e:2d:6f:43 C eth0
192.168.1.103 ether 00:17:f2:48:1d:2f C eth0
[root@athlonz ~]# ping 192.168.1.149
PING 192.168.1.149 (192.168.1.149) 56(84) bytes of data.
c^C
--- 192.168.1.149 ping statistics ---
9 packets transmitted, 0 received, 100% packet loss, time 8188ms
[root@athlonz ~]# ping 192.168.1.104
PING 192.168.1.104 (192.168.1.104) 56(84) bytes of data.
64 bytes from 192.168.1.104: icmp_seq=1 ttl=64 time=1.35 ms
64 bytes from 192.168.1.104: icmp_seq=2 ttl=64 time=0.095 ms
64 bytes from 192.168.1.104: icmp_seq=3 ttl=64 time=0.119 ms
64 bytes from 192.168.1.104: icmp_seq=4 ttl=64 time=0.118 ms
64 bytes from 192.168.1.104: icmp_seq=5 ttl=64 time=0.112 ms
64 bytes from 192.168.1.104: icmp_seq=6 ttl=64 time=0.102 ms
^C
--- 192.168.1.104 ping statistics ---
6 packets transmitted, 6 received, 0% packet loss, time 5839ms
rtt min/avg/max/mdev = 0.095/0.316/1.354/0.464 ms
[root@athlonz ~]# arp -n
Address HWtype HWaddress Flags Mask Iface
192.168.1.149 ether 00:50:43:01:cc:ce CM eth0
192.168.1.1 ether 00:1d:7e:2d:6f:43 C eth0
192.168.1.104 ether 00:50:43:01:cc:ce C eth0
192.168.1.103 ether 00:17:f2:48:1d:2f C eth0
[root@athlonz ~]#
First suggestion---
It might be possible to do a broadcast ping to get the IP address of the device you connected, even if it is configured with an IP address in another subnet. You'll have to try an experiment to see if it will respond.
All devices in my network are in the same subnet.
Code:
[root@athlonz ~]# ping -b 255.255.255.255
WARNING: pinging broadcast address
PING 255.255.255.255 (255.255.255.255) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=0.607 ms
64 bytes from 192.168.1.105: icmp_seq=1 ttl=64 time=2.30 ms (DUP!)
64 bytes from 192.168.1.103: icmp_seq=1 ttl=64 time=3.08 ms (DUP!)
64 bytes from 192.168.1.239: icmp_seq=1 ttl=255 time=6.51 ms (DUP!)
64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=0.535 ms
64 bytes from 192.168.1.103: icmp_seq=2 ttl=64 time=1.82 ms (DUP!)
64 bytes from 192.168.1.105: icmp_seq=2 ttl=64 time=2.27 ms (DUP!)
64 bytes from 192.168.1.239: icmp_seq=2 ttl=255 time=6.49 ms (DUP!)
64 bytes from 192.168.1.1: icmp_seq=3 ttl=64 time=0.533 ms
64 bytes from 192.168.1.103: icmp_seq=3 ttl=64 time=1.83 ms (DUP!)
64 bytes from 192.168.1.105: icmp_seq=3 ttl=64 time=2.27 ms (DUP!)
64 bytes from 192.168.1.239: icmp_seq=3 ttl=255 time=6.51 ms (DUP!)
64 bytes from 192.168.1.1: icmp_seq=4 ttl=64 time=0.509 ms
64 bytes from 192.168.1.103: icmp_seq=4 ttl=64 time=1.84 ms (DUP!)
64 bytes from 192.168.1.105: icmp_seq=4 ttl=64 time=2.02 ms (DUP!)
64 bytes from 192.168.1.239: icmp_seq=4 ttl=255 time=6.29 ms (DUP!)
^C
--- 255.255.255.255 ping statistics ---
4 packets transmitted, 4 received, +12 duplicates, 0% packet loss, time 3317ms
rtt min/avg/max/mdev = 0.509/2.840/6.514/2.208 ms
Interesting that nothing goes into your arp cache at this point. But if you attempt to establish a connection with any of those newly discovered addresses, then an arp is performed and an entry is made.
Code:
[root@athlonz ~]# arp -n
Address HWtype HWaddress Flags Mask Iface
192.168.1.149 ether 00:50:43:01:cc:ce CM eth0
192.168.1.1 ether 00:1d:7e:2d:6f:43 C eth0
192.168.1.105 ether 00:14:51:78:92:a1 C eth0
192.168.1.103 ether 00:17:f2:48:1d:2f C eth0
[root@athlonz ~]# telnet 192.168.1.239
Trying 192.168.1.239...
^C
[root@athlonz ~]# arp -n
Address HWtype HWaddress Flags Mask Iface
192.168.1.149 ether 00:50:43:01:cc:ce CM eth0
192.168.1.1 ether 00:1d:7e:2d:6f:43 C eth0
192.168.1.239 ether 00:18:4d:e9:ef:d8 C eth0
192.168.1.105 ether 00:14:51:78:92:a1 C eth0
192.168.1.103 ether 00:17:f2:48:1d:2f C eth0
[root@athlonz ~]#
Second suggestion--
Have you thought of using 'nmap'?
nmap -v -sP 192.168.1.0/24
nmap -v -sP 192.168.0.0/16
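In the second `arp -n` listing above, the static entry for 192.168.1.149 and the learned entry for 192.168.1.104 carry the same MAC, which is where the device's configured address shows up once it answers a real ARP request. The following is an added example, not part of the original post: it parses `arp -n` output and reports, for each static (M flag) entry, the learned IPs with the same MAC. The function names and the "(incomplete)" sample line are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Second `arp -n` listing from the post above (whitespace as extracted).
# The "(incomplete)" line is constructed to exercise the unresolved-entry case.
ARP_OUTPUT = """\
Address HWtype HWaddress Flags Mask Iface
192.168.1.149 ether 00:50:43:01:cc:ce CM eth0
192.168.1.1 ether 00:1d:7e:2d:6f:43 C eth0
192.168.1.104 ether 00:50:43:01:cc:ce C eth0
192.168.1.103 ether 00:17:f2:48:1d:2f C eth0
192.168.1.200 (incomplete) eth0
"""

# Address, HWtype, HWaddress, Flags, optional Mask, Iface
ENTRY = re.compile(
    r"^(?P<ip>\d+(?:\.\d+){3})\s+\S+\s+"
    r"(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})\s+"
    r"(?P<flags>[A-Z]+)\s+(?:\S+\s+)?(?P<iface>\S+)\s*$",
    re.IGNORECASE,
)

def parse_arp(text):
    """Return resolved entries as dicts; header and incomplete lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            e = m.groupdict()
            e["mac"] = e["mac"].lower()
            e["static"] = "M" in e["flags"].upper()  # M = permanent (arp -s)
            entries.append(e)
    return entries

def learned_ips_for_static(entries):
    """Map each static IP to the learned IPs sharing its MAC and interface."""
    learned = defaultdict(list)
    for e in entries:
        if not e["static"]:
            learned[(e["mac"], e["iface"])].append(e["ip"])
    return {e["ip"]: learned.get((e["mac"], e["iface"]), [])
            for e in entries if e["static"]}

if __name__ == "__main__":
    for ip, real in learned_ips_for_static(parse_arp(ARP_OUTPUT)).items():
        print(f"static entry {ip}: same MAC learned at {real or 'no other IP'}")
```

An empty list for a static entry means the device has not yet answered ARP for any address on that interface, as in the first listing of the post.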