NPM could poll for the ARP data, and might be fairly efficient at it, but the pollers would have to cope with possibly large volumes of data.
Via Layer 3 topology?
Image may be NSFW.
Clik here to view.
We're already polling for that (probably unwisely) and not getting full tables. On a switch with 20+ "up" ports, "NPM Network Topology" table only shows 10 connections of which five are L2 and show "unknown" interfaces. Something's not right here?
note: if you have VRFS (we have well over 50) then polling arp data using SNMP will be challenging (and potentially very expensive), depending on which manufacturer you are using, and if it's a full vrf or vrf-lite.
Not sure if we do, will look into it. We have about 10 switches with about 300 interfaces between them. A number of them are Cisco 3560 series managed by our "parent" department that allows us to poll them; trying to use snmpwalk to get ARP tables times out on theirs though while working on our own switches...
snmpwalk -v 2c -c public 192.168.200.41 .1.3.6.1.2.1.3.1.1.2
Solarwinds' IPAM product is fairly good at mapping IP<>MAC information, but it does not record the switch ports.
Solarwinds' UDT product is ok at mapping IP<>MAC information, and MAC<>port information.
both products lack an API, and have some fairly big limitations so I'd suggest thoroughly testing them in your environment before purchasing.
If you would like an open-source package then Network Tracking Database | SourceForge.net is an alternative.
Been looking at UDT and IPAM; didn't know about NTB, will look into it.
Thank you Richard!
Clik here to view.
