Is there an easy way to find VM's in the infrastructure by sniffing traffic? Could I use CDP for my cisco network or sniff traffic on ports 902 and 903 to look for traffic going to virtual center? I want to try and find a way to discover VM's on the network via the network layer.
Hello,
CDP is the best choice as sniffing traffic may not lead to any results if the remote console is not used or virtual center not employed or any other things that are not used to communicate between VMs. Many tools exist to find the underlying machine type in use. HPSIM has methods to do this as do others. Its the only one I remember off the top of my head... However for a pure networking issue CDP works best for ESX. However, I am not sure if CDP will work with Workstation or Server.
Best regards,
Edward L. Haletky
VMware Communities User Moderator
====
Author of the book 'VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers', Copyright 2008 Pearson Education.
CIO Virtualization Blog: http://www.cio.com/blog/index/topic/168354
As well as the Virtualization Wiki at http://www.astroarch.com/wiki/index.php/Virtualization
would suggest you use a mac address filter
Tracking down VM's should be possible with out a sniffer..... in a Cisco enviroment I would simply query the default gateway(s), which the VMs are using
"show mac-address-table | include 00-0C"
"show mac-address-table | include 00-50"
This should show you the L2 addresses..... For L3 info do a´: "show ip arp | include <MAC-address from previous output>
/Rubeck
Hello,
CDP is the best choice as sniffing traffic may not lead to any results if the remote console is not used or virtual center not employed or any other things that are not used to communicate between VMs. Many tools exist to find the underlying machine type in use. HPSIM has methods to do this as do others. Its the only one I remember off the top of my head... However for a pure networking issue CDP works best for ESX. However, I am not sure if CDP will work with Workstation or Server.
Best regards,
Edward L. Haletky
VMware Communities User Moderator
====
Author of the book 'VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers', Copyright 2008 Pearson Education.
CIO Virtualization Blog: http://www.cio.com/blog/index/topic/168354
As well as the Virtualization Wiki at http://www.astroarch.com/wiki/index.php/Virtualization