Wired Intelligent Edge (Campus Switching and Routing)

 View Only
last person joined: 9 months ago 

Bring performance and reliability to your network with the Aruba Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of the ArubaOS-Switch and ArubaOS-CX devices, and find ways to improve security across your network to bring together a mobile first solution.

How to learn the IP address of the clients connected in switch 

May 12, 2020 02:35 PM


Methods of learning the IP address of clients connected to switch varies in old and new models.


New Models - 2540, 2920, 2930, 3810, 5400R

 IP Client Tracker


Old Models - 2530,3500,3800,4500 and 5400zl

DHCP Snooping



By default, the switch does not learn the IP address of the clients. DHCP-snooping and IP client-tracker are the two methods by which switch can learn the IP address of the connected clients. DHCP-snooping option should be enabled globally and cannot be enabled on specific ports, this is applicable for both old and new model switches. 


Old Model:

DHCP-snooping should be enabled for switch to learn the IP address of the clients. These switches do not support IP client-tracker option. DHCP-snooping should be on the Client’s VLAN. DHCP-snooping trust configuration must be done on the uplink port of the switch. If the uplink port of the switch has dhcp-snooping untrusted then the DHCP packets would be dropped by the switch.


New Model:

New model switches support both DHCP-snooping as well as IP client-tracker option. In order for switch to learn the client's IP any one method can be used. While using the option “ip client-tracker <trusted/untrusted>” should be specified where trusted represents the IP address of authenticated clients and untrusted represents the IP address of Unauthenticated clients.


Trusted ---> IP address of Authenticated clients

Untrusted ---> IP address of Unauthenticated clients



IP client-tracker configuration:

(Switch)<config># ip client-tracker trusted

(Switch)<config># ip client-tracker untrusted


DHCP-Snooping Configuration:

(Switch)<config># dhcp-snooping enable

(Switch)<config># dhcp-snooping vlan 104

(Switch)<config># show dhcp-snooping


DHCP Snooping Information

DHCP Snooping : Yes

Enabled Vlans : 104

Verify MAC : Yes

Option 82 untrusted policy : drop

Option 82 Insertion : Yes

Option 82 remote-id : mac


(Switch)<config># interface 7 

(Switch)<config># dhcp-snooping trust


In case of LACP, following commands should be used:

Interface trk1

     dhcp-snooping trust




New Model:

Clients connected on interface 6.

(Switch)<config># show port-access clients 

Port Access Client Status

  Port      Client Name       MAC Address            IP Address      User Role         Type     VLAN

 --------    --------------------    ----------------------         ------------------   ----------------      ----------   --------

   6        34e6d7149deb    34e6d7-149deb                             MAC      104   


Old Model:

Connected Clients on Interface 6 and 8, was able to see that the switch learns the IP of the client.

(Switch)<config># show port-access clients 


Port Access Client Status

  Port      Client Name       MAC Address        IP Address      User Role         Type    VLAN

 --------     ------------------      ---------------------      ---------------      -----------------      -------    --------

   6        34e6d7149deb   34e6d7-149deb                              MAC   104  

   8        34e6d7210eb6   34e6d7-210eb6                              MAC   104


(Switch)<config># show dhcp-snooping binding 


  MacAddress                         IP                        VLAN       Interface         Time Left

  -------------------                    ---------                  -----------   ---------------       --------------

  34e6d7-149deb             104                6                 86259

  34e6d7-210eb6             104                8                 86254    


DHCP bindings on switch would get listed only when dhcp-snooping is enabled.


0 Favorited
0 Files

Related Entries and Links

No Related Resource entered.