Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
401
Views
0
Helpful
3
Replies

User Tracking Mechanism - LMS 3.1

pvanvuuren
Level 3
Level 3

‎01-22-2009 02:50 AM

I wish to get a far more clearer understanding of UserTracking.(CM ver 5.1.1) Th userguide does not provide indepth information. I understand that it collects data from routers and switches For instance using the bridge-mib and getting data from the dot1dTpFdbTable OID. I can do this with snmpwalk as well.

But what is confusing, is the way UserTracking populates the collected data in the database. We see plenty duplicate MAC addresses. I see the same MAC address on Fast Ethernet ports and on Gig ports. I understand the MAC will appear in these Gig trunks, but is there a way to stop those from populating the database? Tracking a user to the port he is connected on surely makes more sense.

This question's history is related to investigation into the possibility of using a UT report for monthly billing purposes. One fee per port per user. Inevitably UT can provide prove a user has used a port, but overbilling must not happen due to duplicate MACs etc.

Thanks in advance.

Labels:
0 Helpful
3 Replies 3

Joe Clarke
Cisco Employee
Cisco Employee

‎01-22-2009 07:35 AM

UT is smart enough not to add entries for MAC addresses on trunk ports by default. However, in UT 5.0, you have the option of enable acquisition of users on all trunk ports or just selected trunk ports. If you have enabled this option, then what you're seeing is expected. If not, then UT should not be adding those entries. Check Campus Manager > Admin > User Tracking > Acquisition > Configure Trunk For End Hosts Discovery to see if this feature is enabled.

That said, if these gig ports are not really trunking (simply uplink ports), and CDP is not enabled on these ports (or the CDP neighbors are not being managed by Campus), then seeing users connected to those ports is expected, and there is nothing that can be done in UT to avoid it.

0 Helpful

pvanvuuren
Level 3
Level 3
In response to Joe Clarke

‎01-22-2009 12:39 PM

Ok, thanks Joe. I will check those Acquisition settings. Come to think of it, there are quite a few normal uplink ports. Would it help if I enable CDP then? From the reports it looks like UT will add a new record for a previous discovered MAC address if: the port changed or the VLAN changed.

0 Helpful

Joe Clarke
Cisco Employee
Cisco Employee
In response to pvanvuuren

‎01-22-2009 12:46 PM

If you enable CDP on those ports, you will also need to make sure the neighbors are managed on the Topology Map. Only then will UT ignore entries on those ports.

It depends on the UT DHCP setting as to how UT will resolve moving MACs and the duplicates they cause. If you have DHCP support enabled, only duplicate MACs with reachable IP addresses will be retained.

0 Helpful
Customers Also Viewed These Support Documents