Controller Based WLANs

Why do I see some Layer 2 entries in the datapath session table?

Product and Software: This article applies to all Aruba controllers and ArubaOS 3.0 and later.

 

Beginning with ArubaOS 3.x code, we keep track of all untrusted conversations, including non-IP, so that the per-role Layer 2/MAC ACLs do not have to be inspected per frame.

 

For example as the following session shows, the entries with protocol "0806" are ARP request/response from those untrusted MAC addresses.

 

#show datapath session table

 

Source IP Destination IP Prot SPort DPort Cntr Prio ToS Age Destination TAge Flags 
-------------- -------------- ---- ----- ----- ---- ---- --- --- ----------- ---- ----- 

 

12.84.160.68 22.5.150.208 17 1346 1345 0 0 0 1 tunnel 622 1 FYC  80.17.238.82 12.84.219.23 17 22857 23770 0 0 0 1 2/0 1 FYC  21.169.90.65 12.84.160.233 17 26517 17881 0 0 0 1 2/0 1 FYC

 

00:1B:63:CB:E0:32 86dd 0 0 0 0 tunnel 910 3 F 

00:1E:C2:AB:34:74 0806 0 0 0 0 tunnel 1050 2 F 

00:1E:52:74:F0:65 86dd 0 0 0 0 tunnel 499 0 F 

00:1F:3A:1B:4A:9B 0806 0 0 0 1 tunnel 718 1 F

 

 

 

 

 

 

 

 

Version history
Revision #:
1 of 1
Last update:
‎07-02-2014 08:27 AM
Updated by:
 
Labels (1)
Contributors
Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.