cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2628
Views
0
Helpful
6
Replies

Wireless Client ARP Table

ahenselumuc
Level 1
Level 1

Where do wireless client ARP tables reside when deploying thin access points and a centralized wireless controller? Do the IP to MAC address mappings reside on the controller since LWAPP is being used? This is a general question I know, thanks.

6 Replies 6

ericgarnel
Level 7
Level 7

a show client detail will give that info.

show client detail 00:21:06:62:74:9d

Client MAC Address............................... 00:21:06:62:74:9d

Client Username ................................. unknown

AP MAC Address................................... 00:23:05:0c:ea:40

Client State..................................... Associated

Wireless LAN Id.................................. 1

BSSID............................................ 00:23:05:0c:ea:40

Connected For ................................... 176 secs

Channel.......................................... 1

IP Address....................................... 172

You can also see it on the switch side of the trunk connected to the controller

>sh mac address-table | include 749d

* 18 0021.0662.749d dynamic Yes 5 Po408

And finally, since I am using a router (instead of the l3 switch)

sh arp | include 749d

Internet 172.xxx.xxx.217 4 0021.0662.749d ARPA GigabitEthernet0/1

Thanks for the reply. Just to make certain my assumptions are correct. Even if the wireless LAN Controller is a number of routed hops away from the thin access point, a wireless client's MAC to IP pairing will be known by the controller and a routed port connecting to the controller? Does this mean I could SPAN the routed port connecting the controller to the network and get the pairing information this way as well?

All traffic from the access point is tunneled back to the controller, which means that all clients have a point of presence on that controller. The switch to which the controller connects will see all the MAC addresses for wireless clients on the interface(s) connected to the controller.

The port connecting to the controller needs to be a L2 trunked port. Best practice is to LAG all controller ports together and connect them to an Etherchannel on the switch. The controller will place the client traffic on this link, and it will flow through the network as if the AP itself was on that port. In other words, nothing special needs to be configured other than making that port a trunked port.

Check the arp table of the router that is the gateway for the client subnet.

Yes, you could span or rspan the port that is connected to the controller

Thanks for the reply. Wouldn't the gateway for the wireless client subnet be the controller since everything is tunneled back to the controller? If I SPAN the switch port connecting the controller to the network I can get the Wireless client MAC address to Wireless client IP address mappings, true?

Think of the controller as the connection between the wireless & wired infrastructure. The client network should be handled by the infrastructure in order to allow for connectivity to internet, network resources, etc.

the tunnel you mention is either lwapp or capwap depending on version.

Yes, if you span the switch port that connects to the controller, you will capture the mac addresses of the wireless clients AS they move onto the wired infrastructure.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: