How do I physically locate a server on a network?

ollielaroo

Hi guys,

I'm wondering if anyone out there can help.
I work in a large multinational corporation which has data-centers all over the world. The domain I only need to concern myself with is EMEA of course. One of the many internal websites we have is maintained securely within our firewall and runs on a Unix box.
The thing is because there are so many servers in our data-center and because some servers have no labels nobody in the building seems to know where exactly this linux box is. All I know is that the server is definitely located in our building (always has been) and is connected to one of the main switches within the server rooms. Recently I looked at a server monitoring tool/app which has a web interface that provides various info such as server uptime and traffic etc.. This web interface shows that the Unix server is connected to one of the main switches in our building. I tried telnetting to this switch thinking I might be able to locate the server by looking at the switch ports etc. but of course I don't know the username or password for that switch. I suppose I should really go to one of the networking admin guys
and ask them to login to the switch and do some investigating for me.

Many of you are probably aware of graphical traceroute tools on the net that help you locate a machine, somewhere in the world. I'm wondering is there anything like this that might work similarly on our network, maybe I could run on my Windows pc at work?
In know the IP address of the Unix box, it's MAC address and server name.

Any suggestions would greatly be appreciated, Thank you.

Kali

- ping the box
- get the mac address from your local arp cache (arp -a)
- logon to one of the network switchs and view the mac address table (on cisco equipment: show mac-address-table), this will show you the port it's connected to.
- repeat until you have the final port, then trace your cables back through the relevant patch-panels.

alternatively if your switches support it you can do a layer 2 traceroute (traceroute mac ip source.ip dest.ip) .. this will show you which switchs and ports the traffic flows through.

Ruaidhri

Cheap mans version: Eject the CD ROM Drive
Then look for the server with an ejected CDROM drive.

ollielaroo

thank you Kali,

If I had the time I would go to one of the network/server lads in the building and chase up your idea. I learned about cisco switches etc. (i'm a bit rusty) in college and it's really interesting stuff. I'll see if I can arrange some quiet time at xmas to follow your suggestion, I don't have a swipe card for the server rooms either so this makes it a bit harder. thanks again Kali.

Ruaidhri

I like your style man! Like I said to Kali I don't have an access card for the server rooms but I definetley want to give your suggestion a shot too.

Actually, wouldn't the combination of your two ideas together work pretty well.
Jesus!!

Here's a teaser for both of you:

What would the Unix command be to open/eject the CD-Tray?
...assuming it has a CD-Tray...

rmacm

ollielaroo wrote: »

What would the Unix command be to open/eject the CD-Tray?
...assuming it has a CD-Tray...

eject oddly enough

assuming the drive supports this.

zAbbo

You don't have access to the server room for a reason, Telnetting a main switch to have a look around!!! , this isn't Kansas, Dorothy. Try speaking to one of the network engineers as this seems above your head.

Sorry to seem condescending, but a large multinational's data-centre isn't exactly a flight simulator for you to shake off some rustyness.

Ruaidhri

ollielaroo wrote: »

I learned about cisco switches etc. (i'm a bit rusty) in college and it's really interesting stuff.

I'm currently studying for my CCIE, so I can at least get give you some learning resources.
But the following might help you:

SPIFF>sh arp | inc 10.1.99.100
Internet 10.1.99.100 - 0011.5d97.2000 ARPA Vlan99
SPIFF>sh cdp neighbors
<output removed>

This will let you know which switch is connected to which!

ollielaroo wrote: »

Ruaidhri

I like your style man! Like I said to Kali I don't have an access card for the server rooms but I definetley want to give your suggestion a shot too.

Actually, wouldn't the combination of your two ideas together work pretty well.
Jesus!!

Here's a teaser for both of you:

What would the Unix command be to open/eject the CD-Tray?
...assuming it has a CD-Tray...

Linux, it would be something like eject /dev/cd0
BSD it would be like camcontrol eject 0:0:0:0 (you'll need to do a camcontrol devlist)
Solaris: eject also works

Good luck! Tracking down servers is never a fun task. If they dont have cdrom drives, maybe you can make the server do some interesting disk access so you'll be able to identify it via the disk lights! I know with some RAID controllers they allow you to "identify" individual disks.. This is also an approach which might be helpful.

monkey tennis

I wrote a script once upon a time to play a little tune using the computer's built-in speaker (what's the correct term for the beepy-thing? ). Let me know if you reckon the server has one, and I'll see if I can dig it out. (Probably limited use in a noisy datacentre, but might be an option if you don't have a CD drive).

penfold944

Ruaidhri wrote: »

I'm currently studying for my CCIE, so I can at least get give you some learning resources.
But the following might help you:

SPIFF>sh arp | inc 10.1.99.100
Internet 10.1.99.100 - 0011.5d97.2000 ARPA Vlan99
SPIFF>sh cdp neighbors
<output removed>

Of course you forgot the middle bit - sh mac-address-table to find which port the mac-address was learned on

Best of luck studying for the CCIE - did it nearly 8 years ago now back when it was 2 days... Not too sure if I'd want to put myself through that torment again

mastermind2005

3com network director?

Ruaidhri

penfold944 wrote: »

Of course you forgot the middle bit - sh mac-address-table to find which port the mac-address was learned on

Best of luck studying for the CCIE - did it nearly 8 years ago now back when it was 2 days... Not too sure if I'd want to put myself through that torment again

yupp, good catch. I was trying to run out of the office yesterday while writing that post.

The CCIE -- well I'm only prepping for the written,but it's good! You get to learn so much, but damn it's an investment in time.

penfold944

Ruaidhri wrote: »

yupp, good catch. I was trying to run out of the office yesterday while writing that post.

The CCIE -- well I'm only prepping for the written,but it's good! You get to learn so much, but damn it's an investment in time.

Its well worth it... but the lab is pure torment

pm me if you have any questions or anything about it...

monkey tennis

Ruaidhri wrote: »

I'm currently studying for my CCIE

Yikes, me too, although I'm going for the Security track (hell, if I make it through, I might even go back around for the R&S as well )

There should be a support group for CCIE victims.

Ruaidhri

monkey tennis wrote: »

Yikes, me too, although I'm going for the Security track (hell, if I make it through, I might even go back around for the R&S as well )

There should be a support group for CCIE victims.

Yes there is, it's called wages

(and a butt load of more freedom on cisco.com )

loyatemu

monkey tennis wrote: »

Yikes, me too, although I'm going for the Security track (hell, if I make it through, I might even go back around for the R&S as well )

There should be a support group for CCIE victims.

I presume you've already found this forum then:
http://www.sadikhov.com/forum/index.php?showforum=11

monkey tennis

I meant more along the lines of emotional/trauma support! :eek:

Jackz

We use the open cdrom to locate servers sometimes they are usually labeled but its handy if you are sending a newbie to do someting, alternatively some servers have an l.e.d. you can turn on and off from the command line.