Hello all,
I have a mixed pool of servers with ESXi and Other Linux Distributions in my DC.
I want to discover the node which is booted to ESXi.. i can discover the linux host by nmap'ing the port 22 [SSH]
but for ESXi SSH is not enabled by default.. any ideas or mechanism to discover the ESXi ?
Any directions will be of great help..
Just scan for port 902. An ESX(i) host will open the socket and respond with an initial message like the following:
220 VMware Authentication Daemon Version 1.10: SSL Required, ServerDaemonProtocol:SOAP, MKSDisplayProtocol:VNC , VMXARGS supported, NFCSSL supported
Here is a quick and dirty bash snippet that scans for the port and message:
net='192.168.1.'
for i in $(seq 255)
do
echo | nc -nvw1 $net$i 902 | if grep -iq "VMware"
then
echo "$net$i looks like an ESX(i) host."
else
echo "$net$i does not look like an ESX(i) host."
fi
done
Try search for servers with ports 443 and 902 open.
Use Angry IP Scanner to find hosts by open ports - TechRepublic
I use Nmap - Free Security Scanner For Network Exploration & Security Audits. it works really, it will identify mac-address by vendor as well. for example nmap -sP 10.0.0.0/24
Sometime back I wrote a script for user who wanted to check if the ESXi servers in his network are alive in a given range. Basically the script uses vmkping -c 2 <IP_RANGE> from one ESXi box.
i will dust out the older threads and provide the script if found.. fingers crossed..
Found it..
Since you know the IP range, you can change the 192.168.x.x to your setup:
for i in `seq 255`; do for j in `seq 255`; do echo 192.168.$i.$j; esxcli network diag ping -H 192.168.$i.$j -I vmk0 -c 1 | grep -i Recieved | awk '{if($2 == 1) {print "Alive"} else print "Dead"}' >> Discovery.txt; done; done
Hi all,
thanks for the inputs.. But I wanted to discover the ESXi hosts from my client which is running on the same subnet.
Any other specific ports that I can scan for ? is there any workaround?
appreciate any response. .
Thanks again!
If you have a Linux machine in the same subnet, then you can use "slptool" to discover the ESX boxes. Service Location Protocol is available on ESX, and you can use below command from your Linux box:
Just scan for port 902. An ESX(i) host will open the socket and respond with an initial message like the following:
220 VMware Authentication Daemon Version 1.10: SSL Required, ServerDaemonProtocol:SOAP, MKSDisplayProtocol:VNC , VMXARGS supported, NFCSSL supported
Here is a quick and dirty bash snippet that scans for the port and message:
net='192.168.1.'
for i in $(seq 255)
do
echo | nc -nvw1 $net$i 902 | if grep -iq "VMware"
then
echo "$net$i looks like an ESX(i) host."
else
echo "$net$i does not look like an ESX(i) host."
fi
done
Thanks it works!.
appreciate all for contiguous response..