Sending phy switch port info via DHCP Option 82 not possible with SDA?

J. H.
Level 1

Hi!

We have built an SDA network but discovered that the access switches no longer send switch/port to the DHCP servers.
In our old network we used "ip dhcp snooping information option format remote-id hostname" on the access switches to be able to insert switch/port info to the DHCP servers.

In an SDA network Option 82 is used by SDA itself and renders this feature useless for looking up history data via DHCP server logs.

This means that we no longer can see in our DHCP logs to what physical switch port a MAC address has been connected. This is a real issue for us since we have to save these logs for 2 years, which Catalyst Center doesn't do (we don't want to save logs for everything for 2 years). Default limit for backlog search on Catalyst Center is 7 days so I'm guessing 2 years isn't realistic to enable even if possible.

Anyway, is it possible to decode the remote agent ID to extract the physical switch port? (I don't see which field would contain physical switch hostname and port/interface).

Example for Option 82 Agent Remote ID decoding: AA BB CC CC CC DD EE EE EE EE
AA = Sub option, 03 = LISP (01 = MAC address, 02 = string)
BB = Length of option
CCCCCC = LISP Instance ID
DD = Address Family, IPv4 = 01, IPv6 = 02
EEEEEEEE = Source locator

Any suggestions how to log which clients have been connected to which switchport for an extended period of time in Catalyst Center or elsewhere are very welcome.


Agent Remote ID (subopt 2) gives u VNI ID (CCCCCC) & RLOC IP (EEEEEEEE) as u've mentioned. If u need port u must look into subopt 1:
• Circuit ID Suboption: Encoded in VLAN-PORT-Module format, with VLAN=XX, Port/Module set to incoming port and switch number
as per Version 2 (ciscolive.com) slide 64
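
The decoding discussed in the question and in the reply above, as an added example that is not part of the original thread: it splits a raw Option 82 value into sub-options and decodes the Remote ID using the layout given in the question. The Circuit ID byte layout (type 00, length 04, 2-byte VLAN, module, port) and the 16-byte IPv6 locator are assumptions, all function names are hypothetical, and the sample bytes are constructed.

```python
import ipaddress

def split_suboptions(opt82: bytes) -> dict:
    """Split a raw Option 82 value into {sub-option code: value} TLVs."""
    subopts, i = {}, 0
    while i < len(opt82):
        if i + 2 > len(opt82):
            raise ValueError("truncated sub-option header")
        code, length = opt82[i], opt82[i + 1]
        value = opt82[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"sub-option {code} truncated")
        subopts[code] = value
        i += 2 + length
    return subopts

def decode_remote_id(value: bytes) -> dict:
    """Decode the layout from the question: AA BB CCCCCC DD EEEEEEEE."""
    if len(value) < 2 or value[0] != 0x03:
        raise ValueError("not a LISP-type (03) remote ID")
    body = value[2:]
    if value[1] != len(body) or len(body) < 4:
        raise ValueError("remote ID length byte does not match payload")
    family, locator = body[3], body[4:]
    # Assumption: address family 02 (IPv6) carries a 16-byte locator.
    if len(locator) != {0x01: 4, 0x02: 16}.get(family):
        raise ValueError("locator size does not match address family")
    return {"instance_id": int.from_bytes(body[:3], "big"),
            "rloc": str(ipaddress.ip_address(locator))}

def decode_circuit_id(value: bytes) -> dict:
    """Assumed layout: type 00, length 04, VLAN (2 bytes), module, port."""
    if len(value) != 6 or value[0] != 0x00 or value[1] != 0x04:
        raise ValueError("unexpected circuit ID layout")
    return {"vlan": int.from_bytes(value[2:4], "big"),
            "module": value[4], "port": value[5]}

def decode_option82(hex_string: str) -> dict:
    """Decode sub-option 1 (circuit ID) and 2 (remote ID) from a hex dump."""
    subopts = split_suboptions(bytes.fromhex(hex_string))
    return {"circuit": decode_circuit_id(subopts[1]),
            "remote": decode_remote_id(subopts[2])}

# Constructed sample, not taken from a real capture.
SAMPLE = "01 06 00 04 03 fd 01 0c 02 0a 03 08 00 10 03 01 c0 a8 ff 0b"

if __name__ == "__main__":
    print(decode_option82(SAMPLE))
```

Going by the reply above, the module byte carries the switch number and the port byte the incoming port, while the source locator identifies which switch relayed the request.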


Preston Chilcote
Cisco Employee

Another method to look into is using Reports in Catalyst Center.  It's true that Assurance, by default, only presents 7 days of data, but you can actually ask it to look back 30 days (I know that doesn't answer your question, just making sure that everyone who reads that knows it).  When it comes to generating Reports, some reports allow up to 90 days look back.  This includes the Client Detail report which will report the interface.  Go to Main Menu->Reports and click on Client Detail card to see the preview, and keep scrolling to the right.

So you could run a recurring report every so often and merge the CSV files it generates.  
