Re: OT: WLC & ARP from Thomas Perrier on 2011-10-26 (Ccielab archives 10/2011)

From: Thomas Perrier <thomas_at_perrier.name>
Date: Wed, 26 Oct 2011 20:17:28 +0200

Hi Joe,

On Wed, Oct 26, 2011 at 7:36 PM, Joe Astorino <joeastorino1982_at_gmail.com> wrote:
> I have been searching on this topic for a while but can't find a specific
> answer. Does anybody know how a Cisco WLC handles ARP broadcasts for
> wireless clients? Let's say a user on the wired network wants to talk to a
> wireless client. You have a WLC connected to a L3 switch somewhere in your
> infrastructure and several LWAPs. The packet gets routed to the L3 switch,
> and the L3 switch has a directly connected L3 interface for the client where
> the WLC lives. At this point the L3 switch does an ARP broadcast to find
> the MAC address of the wireless client. That broadcast gets to the WLC --
> Now what?
>
> It doesn't seem to make sense that the WLC would forward the ARP broadcast
> over an LWAP tunnel to EVERY access point and that the access points would
> then forward it to every client. So, what happens? Is it some sort of
> proxy arpish type thing the WLC does? Things I have read so far seem to
> indicate that the WLC answers the ARP request with the MAC of the client, as
> it knows the MAC from when the client associated with the remote AP but I
> can't find anything that specifically confirms this.

Found in "Deploying and Troubleshooting Cisco Wireless LAN
Controllers" (Cisco Press) :

"Should ARP unicast be enabled, you can disable it using the following
CLI command:
config network arpunicast disable
If ARP unicast is enabled, the controller responds to an ARP query on
behalf of the client instead of unicasting the request directly to the
target host. This behavior can cause one-way audio with voice clients.
Starting in the 5.1 code release, this command is deprecated.
Furthermore, the proxy ARP nature of the controller cannot be modified
and is always turned off."

What I understand from this, is that in later releases the WLC
unicasts ARP requests directly to the right client (since proxy ARP is
turned off). It would be interesting to lab it some day in order to
verify this behaviour.

-Thomas

Blogs and organic groups at http://www.ccie.net
Received on Wed Oct 26 2011 - 20:17:28 ART

This archive was generated by hypermail 2.2.0 : Tue Nov 15 2011 - 13:10:29 ART