What is FDB update on Assoc on VAP profile config on controller ?
- 802.11 client on association sends some L2/L3 traffic which results in update of upstream bridge device forwarding table aka fdb/bridge table.
- It is possible client after association does not send any data traffic; such clients are termed as “silent clients” and thus during failover (from one Controller to another) downstream traffic to client gets black holed as upstream bridge entry still points to old controller.
- This feature deals with controller generating layer 2 update on behalf of client right after association so that upstream bridge device can update their bridge tables.'
Steering Mode prefer-5ghz
Dynamic Multicast Optimization (DMO) Disabled
Dynamic Multicast Optimization (DMO) Threshold 6
Drop Broadcast and Unknown Multicast Disabled
Convert Broadcast ARP requests to unicast Enabled
Authentication Failure Blacklist Time 3600 sec
Blacklist Time 3600 sec
Deny inter user traffic Disabled
Deny time range N/A
DoS Prevention Disabled
HA Discovery on-association Enabled
Mobile IP Enabled
Preserve Client VLAN Disabled
Remote-AP Operation standard
Station Blacklisting Enabled
Strict Compliance Disabled
VLAN Mobility Disabled
WAN Operation mode always
FDB Update on Assoc Enabled
WMM Traffic Management Profile N/A
Anyspot profile N/A
(Aruba3200) (Virtual AP profile "foo") # fdb-update-on-?
fdb-update-on-assoc Mobility controller will generate Layer 2 update on
behalf of client to update forwarding tables in
How it works
- Client sends data traffic after association; this implicitly takes care of updating devices forwarding tables to the station’s current location and hence there is no need to always generate an Layer 2 update on behalf of client after association.
- The Layer 2 update is an L2 broadcast (dmac all 0xff) packet generated by MC on behalf of client which will be flooded across all vlan members. This is an expensive operation hence a knob under “wlan virtual AP” profile is introduced which tells datapath whether there is need to generate Layer 2 update for given station or not.
- When wireless bridge and during failover it just re-associates and does not send any data traffic; thus it’s a silent client.
- If the requirement is to have controller to generate Layer 2 update which can fix upstream device bridge entry for such silent clients.