Controller Based WLANs

 View Only
last person joined: one year ago 

APs, Controllers, VIA
Back to Library

Controller port bounce feature 

Dec 25, 2017 11:54 PM

Q:

Port bounce feature on controller.



A:

Support for Port bounce has been introduced in 8.2.x version. With this feature, the ports can be shutdown for upto 60 seconds (max) and wired clients can be forced to reconnect/reauthenticate. This can also be used to change the VLAN of the client by sending a CoA.

CoA (Change of Authorization) can be sent by any RADIUS server such as CPPM using the Aruba VSA: Aruba-Host-Port-Bounce.
The Disconnect Request contains the client mac address in the calling-stattion-id and can specify time for which the port has to be in shutdown state. Max value is 60 seconds.

If the value is specified as '0', the port is not shutdown.

(A7030_cluster1) #show port status
Port Status
-----------
Slot-Port  PortType  AdminState  OperState  PoE  Trusted  SpanningTree  PortMode  Speed   Duplex  PortError
---------  --------  ----------  ---------  ---  -------  ------------  --------  -----   ------  ---------
0/0/0      GE        Enabled     Up         N/A  Yes      Forwarding    Access    1 Gbps  Full    -
0/0/1      GE        Enabled     Up         N/A  N/A      Forwarding    Access    1 Gbps  Full    -
0/0/2      GE        Enabled     Down       N/A  No       Disabled      Access    Auto    Auto    Port Bounce (CoA)

(Master) #show log security 10 | include aaa
Dec 4 11:19:09 :121031:  <3949> <DBUG> |authmgr| |aaa| [rc_sequence.c:117] seq_num_timeout_handler: Freed 0 entries
Dec 4 11:19:17 :121031:  <3949> <DBUG> |authmgr| |aaa| [rc_rfc3576.c:189] Received rfc-3576 request (code:40) from 10.17.168.99:42933
Dec 4 11:19:17 :121031:  <3949> <DBUG> |authmgr| |aaa| [rc_rfc3576.c:193] Aruba-Port-Bounce-Host: 60
Dec 4 11:19:17 :121031:  <3949> <DBUG> |authmgr| |aaa| [rc_rfc3576.c:193] Calling-Station-Id: A08CFDA32DF8
Dec 4 11:19:17 :121031:  <3949> <DBUG> |authmgr| |aaa| [rc_api.c:1316] User is wired, setting nas_port_type to wired, port to 8450
Dec 4 11:19:17 :121031:  <3949> <DBUG> |authmgr| |aaa| [user.c:13855] Received VSA Vendor-Specific: 26
Dec 4 11:19:17 :121031:  <3949> <DBUG> |authmgr| |aaa| [rc_server.c:2558] Sending radius response to 10.17.168.99:42933
Dec 4 11:19:17 :121031:  <3949> <DBUG> |authmgr| |aaa| [rc_server.c:2563] NAS-IP-Address: 10.7.44.72
Dec 4 11:19:17 :121031:  <3949> <DBUG> |authmgr| |aaa| [rc_server.c:2563] NAS-Port-Type: Ethernet

Statistics
0 Favorited
7 Views
0 Files
0 Shares
0 Downloads

Related Entries and Links

No Related Resource entered.