What is "fdb update on Assoc" feature in VAP? How does it work?
Available in 126.96.36.199 and above code versions
This article describes the implementation of controller generating layer 2 update on behalf of client to update upstream bridge device forwarding tables
"FDB Update on Assoc" This parameter enables seamless failover for silent clients, allowing them to reassociate. If you select this option, the controller will generate a Layer 2 update on behalf of client to update forwarding tables in bridge devices.
Most of the 802.11 client on association sends some L2/L3 traffic which results in update of upstream bridge device forwarding table aka fdb/bridge table. It is possible client after association does not send any data traffic; such clients are termed as “silent clients” and thus during failover (from one Controller to another) downstream traffic to client gets black holed as upstream bridge entry still points to old Controller. This feature deals with Controller generating layer 2 update on behalf of client right after association so that upstream bridge device can update their bridge tables.
For instance a customer who uses wireless bridge and during failover it just re-associates and does not send any data traffic; thus it’s a silent client. Customer wants Controller to generate Layer 2 update which can fix upstream device bridge entry for such silent clients
Under wlan virtual AP there is a new knob
(Aruba3200) (Virtual AP profile "foo") # fdb-update-on-?
fdb-update-on-assoc Mobility controller will generate Layer 2 update on
behalf of client to update forwarding tables in
This is by default “OFF”. Virtual AP(s) which deals with silent clients can enable this so that Controller can generate Layer 2 update.
Most of the time client sends data traffic after association; this implicitly takes care of updating devices forwarding tables to the station’s current location. Thus there is no need to always generate an Layer 2 update on behalf of client after association. The Layer 2 update is an L2 broadcast packet generated by Controller on behalf of client which will be flooded across all vlan members.
This is an expensive operation hence a knob under “wlan virtual AP” profile is introduced which tells datapath whether there is need to generate Layer 2 update for given station or not.