Sounds simple enough, but Mole is afraid there's no such utility similar to ARP that he can point you to that can be ran from the command line and does a reverse ARP lookup, even though it's right there in the protocol stack. Mole is at a loss to explain why there isn't one, to be honest.
Mole has dug high and low, and even though this question has been around for many years (see RFC 903), the best that Mole can do for you is offer some approaches that you can take, and here they are in order of preference:
1. Using a network sniffer/analyzer, sniff the wire by filtering on the MAC address, ARP, and RARP. Observe the associated IP address.
2. Instead of scrounging around to find out the IP address associated with a known MAC address, why not circumvent that whole thing by assigning an IP address to that MAC via DHCPCMD, and then you'd have everything you need. You can get the NetBIOS name by pinging that IP address. The big assumption here is that the customer is using DHCP, of course.
The following is an example that reserves IP address 11.101.13.53 in the 11.101.0.0 scope to a client with a hardware address of 08002B30369B:
dhcpcmd AddReservedIP 11.101.0.0 11.101.13.53 08002B30369B
Then, just issue a ping:
ping -a 11.101.13.53
to get the NetBIOS name. The one obvious drawback to this would be that you'd have to reboot that machine before the assigned IP address would take effect.
3. Identify the subnet that this offending NIC/computer is on. Write a batch file that pings every machine on the subnet. Look at the ARP cache. Mole doesn't really recommend this approach, as it is pretty lame. But it could be one way to do it.
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)
Discussion Intel current and future Lakes & Rapids thread
Facebook
Twitter