03-09-2009 05:48 AM - edited 07-03-2021 05:16 PM
Where do wireless client ARP tables reside when deploying thin access points and a centralized wireless controller? Do the IP to MAC address mappings reside on the controller since LWAPP is being used? This is a general question I know, thanks.
03-09-2009 06:26 AM
a show client detail
show client detail 00:21:06:62:74:9d
Client MAC Address............................... 00:21:06:62:74:9d
Client Username ................................. unknown
AP MAC Address................................... 00:23:05:0c:ea:40
Client State..................................... Associated
Wireless LAN Id.................................. 1
BSSID............................................ 00:23:05:0c:ea:40
Connected For ................................... 176 secs
Channel.......................................... 1
IP Address....................................... 172
You can also see it on the switch side of the trunk connected to the controller
>sh mac address-table | include 749d
* 18 0021.0662.749d dynamic Yes 5 Po408
And finally, since I am using a router (instead of the l3 switch)
sh arp | include 749d
Internet 172.xxx.xxx.217 4 0021.0662.749d ARPA GigabitEthernet0/1
03-09-2009 06:50 AM
Thanks for the reply. Just to make certain my assumptions are correct. Even if the wireless LAN Controller is a number of routed hops away from the thin access point, a wireless client's MAC to IP pairing will be known by the controller and a routed port connecting to the controller? Does this mean I could SPAN the routed port connecting the controller to the network and get the pairing information this way as well?
03-09-2009 07:10 AM
All traffic from the access point is tunneled back to the controller, which means that all clients have a point of presence on that controller. The switch to which the controller connects will see all the MAC addresses for wireless clients on the interface(s) connected to the controller.
The port connecting to the controller needs to be a L2 trunked port. Best practice is to LAG all controller ports together and connect them to an Etherchannel on the switch. The controller will place the client traffic on this link, and it will flow through the network as if the AP itself was on that port. In other words, nothing special needs to be configured other than making that port a trunked port.
03-09-2009 08:16 AM
Check the arp table of the router that is the gateway for the client subnet.
Yes, you could span or rspan the port that is connected to the controller
03-09-2009 09:50 AM
Thanks for the reply. Wouldn't the gateway for the wireless client subnet be the controller since everything is tunneled back to the controller? If I SPAN the switch port connecting the controller to the network I can get the Wireless client MAC address to Wireless client IP address mappings, true?
03-09-2009 10:02 AM
Think of the controller as the connection between the wireless & wired infrastructure. The client network should be handled by the infrastructure in order to allow for connectivity to internet, network resources, etc.
the tunnel you mention is either lwapp or capwap depending on version.
Yes, if you span the switch port that connects to the controller, you will capture the mac addresses of the wireless clients AS they move onto the wired infrastructure.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide