Controller Based WLANs

How do we understand the output of "show datapath user table" on the Controller?

by on ‎07-10-2014 05:56 PM

Environment Information  :  

 

Any Aruba Controller
Any Access Point
Any Aruba OS 

 

 

Symptoms  :  Useful command for troubleshooting any Layer 3 client or controller connectivity issues, due to a loop for example 

Cause  :  The Controller datapath (DP) has its own memory and info (table) for different handling of user traffic. 

 

Resolution  :  The output can sometimes help resolve issues with multiple entries for the same client MAC address (IP spoofing), or to verify the number of sessions per client IP address.  

   

 

 

Answer  :  The datapath (DP) has its own memory and info (table) for different handling of user traffic.  The datapath user table describe the user entries (MAC and IP) that is known to the Controller's Datapath.  The output can sometimes be good to check if there are multiple entries for the same client MAC address (IP spoofing), or to verify the number of sessions per client IP address.  The DP user table also tells you about the ACL number, location (ap-group) as well as number of TCP/UDP session associated with each IP address.  We may also see a 0.0.0.0 for the user-mac sometimes, which indicates an L2 entry, unless 0.0.0.0 is used as a test L3 interface on the Controller (say VRRP).  The datapath user table should always be the same as "show user-table verbose" plus the Controller's own entry for each L3 interface like IP interface and VRRP IPs.  Following is a sample output:

 

rtaImage 1.jpg

 

L3 Interfaces on the Controller:

 

rtaImage 2.jpg

 

rtaImage 3.jpg

 

rtaImage 4.jpg

Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.