How can I see the MAC address table of a Windows network bridge? Is it possible trough command line to find this information?
EDIT: I am interested to see the same table that it is possible to see in the managed switches (e.g. like the Cisco's show mac-address-table or Linux brctl showmacs br0)
The Network Bridge functionality appears to be wholly implemented (at least in Windows 7) by the
bridge.sysdriver. Without access to thebridge.syssource code it's difficult to say anything with certainty, but some cursory sniffing around the binary doesn't show any exposed APIs that would be helpful in dumping the layer 2 adjacency table.(This ASCII text string embedded in the binary is a nice touch, though:
Without specific written consent from Microsoft, it is illegal to reverse engineer, debug or change this binary.)I think you're out-of-luck, from a documented and supported command-line perspective. Searching Microsoft's website for any command-line (or otherwise) tools that deal with the network bridge (aside from the paltry support in
netsh) isn't turning up anything for me.It's interesting to note that the names of the registry parameters specified for the Windows CE network bridge driver are present in the Windows 7
bridge.sysdriver. This tends to make me think that these registry settings would work (not that any of them are helpful to you).Dumping Windows kernel pool allocations is above my pay grade, but I suspect that if you were to figure out what the
bridge.syspool tag was (I suspect it'sBrdg) and dump any pool allocations it makes you'd find the adjacency table in one of those allocations. Making that into a useful tool is left as an exercise to the reader. (>smile<)on a windows system, you can run
arp -ato display the arp table for each interface.. is that not what you are looking for?