ip client-tracker

Syntax

ip client-tracker 
no ip client-tracker 

Description

Enables the visibility of statically and dynamically assigned IPv4 and IPv6 addresses for clients.

The no form of this command disables the visibility of statically and dynamically assigned IPv4 and IPv6 addresses for clients.

Command context

config

Parameters

trusted

Enables or disables the visibility of statically and dynamically assigned IPv4 and IPv6 addresses for authenticated clients. The trusted option makes the feature track clients only on authentication enabled ports (edge ports), excluding uplink ports which are not enabled for authentication with the server.

Usage

  • Switch sends ARP probes when IP client tracker feature is enabled. This interval is determined by setting arp-age timeout. By default arp-age timeout is 20 minutes however the default timeout can be changed by using the command ip arp-age <timeout value in minutes>.

    • The periodic ARP probe aids in detecting any change of IP addresses on end clients.

    • Non-chatty clients that do not send packets within regular intervals get deauthenticated due to inactivity after the logoff period. IP client tracker can be used to keep these clients in the network. The customer must always configure the ip arp-age value to less than the configured logoff period, to avoid being de-authenticated due to inactivity.

  • When the administrator tries to execute the no command that has not been configured (does not exist in running configuration), an error will appear.

Example

Show the port-access IPv4 client.

Switch-Stack(config)# show port-access clients             

 Port Access Client Status

  Port  Client Name   MAC Address   IP Address      User Role         Type  VLAN
  ----- ------------- ------------- --------------- ----------------- ----- ----
  1/3   000002b85001  000002-b85001 10.1.1.30                         MAC   10

Example

Show the port-access IPv6 client.

switch(config)# show port-access clients 22

Port Access Client Status

  Port  Client Name   MAC Address   IP Address      User Role         Type  VLAN
  ----- ------------- ------------- --------------- ----------------- ----- ----
  22    0000005daa34  000000-5daa34 n/a                               MAC   20

Example

Show the port-access client detail.

switch(config)# show port-access clients 22 detailed

Port Access Client Status Detail

  Client Base Details :
   Port            : 22                    Authentication Type : mac-based
   Client Status   : authenticated         Session Time        : 64 seconds
   Client Name     : 0000005daa34          Session Timeout     : 0 seconds
   MAC Address     : 000000-5daa34
   IP              : n/a

  Access Policy Details :
   COS Map         : Not Defined           In Limit Kbps       : Not Set
   Untagged VLAN   : 20                    Out Limit Kbps      : Not Set
   Tagged VLANs    : No Tagged VLANs
   Port Mode       : 1000FDx
   RADIUS ACL List : No Radius ACL List
   IPV6 Address    : 2000::10