knatesan
Contributor
Contributor

How to discover the ESXi node in given IP range?

Jump to solution

Hello all,

I have a mixed pool of servers with ESXi and Other Linux Distributions in my DC.

I want to discover the node which is booted to ESXi..  i can discover the linux host by nmap'ing the port 22 [SSH]

but for ESXi SSH is not enabled by default.. any ideas or mechanism to discover the ESXi ?

Any directions will be of great help..

0 Kudos
1 Solution

Accepted Solutions
MKguy
Virtuoso
Virtuoso

Just scan for port 902. An ESX(i) host will open the socket and respond with an initial message like the following:

220 VMware Authentication Daemon Version 1.10: SSL Required, ServerDaemonProtocol:SOAP, MKSDisplayProtocol:VNC , VMXARGS supported, NFCSSL supported

Here is a quick and dirty bash snippet that scans for the port and message:

net='192.168.1.'

for i in $(seq 255)

do

  echo | nc -nvw1 $net$i 902 | if grep -iq "VMware"

  then

    echo "$net$i looks like an ESX(i) host."

  else

    echo "$net$i does not look like an ESX(i) host."

  fi

done

-- http://alpacapowered.wordpress.com

View solution in original post

0 Kudos
7 Replies
rcporto
Leadership
Leadership

Try search for servers with ports 443 and 902 open.

Use Angry IP Scanner to find hosts by open ports - TechRepublic

---

Richardson Porto
Senior Infrastructure Specialist
LinkedIn: http://linkedin.com/in/richardsonporto
vfk
Expert
Expert

I use Nmap - Free Security Scanner For Network Exploration & Security Audits. it works really, it will identify mac-address by vendor as well.  for example nmap -sP 10.0.0.0/24

--- If you found this or any other answer helpful, please consider the use of the Helpful or Correct buttons to award points. vfk Systems Manager / Technical Architect VCP5-DCV, VCAP5-DCA, vExpert, ITILv3, CCNA, MCP
zXi_Gamer
Virtuoso
Virtuoso

Sometime back I wrote a script for user who wanted to check if the ESXi servers in his network are alive in a given range. Basically the script uses vmkping -c 2 <IP_RANGE> from one ESXi box.

i will dust out the older threads and provide the script if found.. fingers crossed..

Found it..

Since you know the IP range, you can change the 192.168.x.x to your setup:

for i in `seq 255`; do for j in `seq 255`; do echo 192.168.$i.$j; esxcli network diag ping -H 192.168.$i.$j -I vmk0 -c 1 | grep -i Recieved | awk '{if($2 == 1) {print "Alive"} else print "Dead"}' >> Discovery.txt; done; done

0 Kudos
knatesan
Contributor
Contributor

Hi all,

thanks for the inputs..  But I wanted to discover the ESXi hosts from my client which is running on the same subnet.

Any other specific ports that I can scan for ?  is there any workaround?

appreciate any response. .

Thanks again!

0 Kudos
admin
Immortal
Immortal

If you have a Linux machine in the same subnet, then you can use "slptool" to discover the ESX boxes. Service Location Protocol is available on ESX, and you can use below command from your Linux box:

  • slptool findattrs service:VMwareInfrastructure
MKguy
Virtuoso
Virtuoso

Just scan for port 902. An ESX(i) host will open the socket and respond with an initial message like the following:

220 VMware Authentication Daemon Version 1.10: SSL Required, ServerDaemonProtocol:SOAP, MKSDisplayProtocol:VNC , VMXARGS supported, NFCSSL supported

Here is a quick and dirty bash snippet that scans for the port and message:

net='192.168.1.'

for i in $(seq 255)

do

  echo | nc -nvw1 $net$i 902 | if grep -iq "VMware"

  then

    echo "$net$i looks like an ESX(i) host."

  else

    echo "$net$i does not look like an ESX(i) host."

  fi

done

-- http://alpacapowered.wordpress.com

View solution in original post

0 Kudos
knatesan
Contributor
Contributor

Thanks it works!.

appreciate all for contiguous response..


0 Kudos