Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5480
Views
0
Helpful
3
Replies

Device Tracking C9300 STALE entries / DHCP Bad Address

c01
Level 1
Level 1

‎09-24-2019 10:43 PM

Hi all,

We are confused about device-tracking on C9300. A lot of entries are in state STALE although the clients are online and reachable. Furthermore the windows DHCP server is filled up with BAD ADDRESS entries. On C2960x we cannot see such STALE entries and DHCP works fine. I tried to find out how device-tracking really works but can't find much information.

Regarding other discussions I tinkered around with different reachable-lifetimes but with no success.

Does somebody know how to configure device-tracking in C9300 to avoid this behavior?

Regards,

Urs

Labels:
0 Helpful
3 Replies 3

jj27
Spotlight
Spotlight

‎09-24-2019 11:06 PM

Can you share the relevant configuration from your switch related to device tracking?

0 Helpful

Deepak Kumar
VIP Alumni
VIP Alumni

‎09-24-2019 11:23 PM - edited ‎09-24-2019 11:25 PM

Hi,

I hope below URLs will help you:

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-6/command_reference/b_166_9300_cr/b_166_9300_cr_chapter_01011.html#wp3737263410

 

https://www.cisco.com/c/en/us/support/docs/ip/address-resolution-protocol-arp/118630-technote-ipdt-00.html

 

We need your switch configuration to understand the issue. Have you enabled IP DHCP Snooping?

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
0 Helpful

tsgruu2000
Level 1
Level 1
In response to Deepak Kumar

‎09-25-2019 12:58 AM

Dot1x and DHCP Snooping are in use.

 

Device-Tracking

#sh run | s device-tracking
device-tracking tracking auto-source override
device-tracking tracking retry-interval 15
device-tracking policy uplink
trusted-port
device-role switch
no protocol udp

 

Uplink

interface Port-channel1
description Uplink
switchport mode trunk
switchport nonegotiate
device-tracking attach-policy uplink
no macro auto processing
ip dhcp snooping trust

 

Access Port

interface GigabitEthernet1/0/13
description Client
switchport access vlan 60
switchport mode access
switchport voice vlan 30
device-tracking
no logging event link-status
authentication control-direction in
authentication event fail action authorize vlan 400
authentication event server dead action authorize vlan 60
authentication event no-response action authorize vlan 400
authentication event server alive action reinitialize
authentication host-mode multi-auth
authentication order mab dot1x
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
no snmp trap link-status
mab
storm-control broadcast level 30.00
macro description CLIENT_PORT
dot1x pae authenticator
dot1x timeout quiet-period 2
dot1x timeout server-timeout 3
dot1x timeout tx-period 10
dot1x timeout supp-timeout 2
spanning-tree portfast
service-policy output QUEUEING
ip dhcp snooping limit rate 100

 

Device-Tracking database

ARP 10.1.60.253 3005.5c3b.110b Gi4/0/3 60 0005 6mn VERIFY 50 s try 2
ARP 10.1.60.251 3005.5c7a.b8c2 Gi1/0/46 60 0005 6mn VERIFY 51 s try 2
ARP 10.1.60.245 3c2a.f473.ee7f Gi2/0/17 60 0005 0s REACHABLE 312 s try 0
ARP 10.1.60.240 3c2a.f437.2075 Gi2/0/36 60 0005 6mn VERIFY 50 s try 2
ARP 10.1.60.233 3005.5caf.1612 Gi1/0/19 60 0005 26mn STALE 88844 s
ARP 10.1.60.224 3c2a.f495.d4d4 Gi2/0/11 60 0005 12mn VERIFY 55 s try 2
ARP 10.1.60.220 0017.c84f.e997 Gi3/0/37 60 0005 8s REACHABLE 293 s
DH4 10.1.60.211 a042.3f33.99ab Gi1/0/34 60 0031 12mn VERIFY 652 s try 3(659729 s)
ARP 10.1.60.202 e86a.64da.0775 Gi3/0/31 60 0005 1s REACHABLE 301 s try 0
DH4 10.1.60.194 448a.5b70.d835 Gi3/0/5 60 0031 3mn REACHABLE 114 s(690997 s)
ARP 10.1.60.174 d8cb.8ab1.bc7c Gi3/0/29 60 0005 951mn STALE 30239 s
ARP 10.1.60.172 0001.ce02.56c2 Gi4/0/19 60 0005 37mn STALE 86515 s
ARP 10.1.60.170 0001.ce00.381e Gi1/0/36 60 0005 72mn STALE 86529 s
ARP 10.1.60.160 0001.ce00.30a1 Gi4/0/20 60 0005 93mn STALE 85547 s
ARP 10.1.60.154 8c16.456a.e21e Gi3/0/45 60 0005 1s REACHABLE 311 s try 0
DH4 10.1.60.150 e86a.6485.24d6 Gi2/0/2 60 0031 987mn STALE 630394 s
ARP 10.1.60.147 e86a.6486.6161 Gi3/0/17 60 0005 17s REACHABLE 294 s
ARP 10.1.60.146 e86a.6463.3136 Gi3/0/27 60 0005 847mn DOWN 39926 s
ARP 10.1.60.140 3005.5cbb.78ff Gi3/0/28 60 0005 26mn STALE 87480 s
ARP 10.1.60.136 e86a.64a5.bb89 Gi1/0/14 60 0005 887mn STALE 37875 s

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card