03-31-2021 01:25 AM - edited 07-05-2021 01:03 PM
Hi wireless experts,
I'm a "last follower" in Wireless technologies and in the process to evaluate the C9800. If you look in the very details, the thing is very differently from the AireOS boxes... Now I'm struggeling regarding the right IPv4 ARP / IPv6 ND proxy functionality.
Let's recap how the AireOS WLC works (local mode APs):
IPv4: WLC acts as a full ARP proxy. So no ARP packets are sent out to the wireless clients. The WLC handles ARP responses, because it has a full MAC-to-IP-binding table. Why is this good?
Airtime saving (ARP = broadcast = lowest configured mandatory wireless data rate [which is bad by the way])
=> This behavior is configurable or changeable by using the "passive-client" functionality
IPv6: WLC does not act as an ND proxy. The ND Multicast packets are converted to L2 Multicast for Airtime optimization (unsolicited ND = Multicast = highest mandatory data rate... / if converted to Unicast, it's a (hopefully) high supported data rate)
C9800
Without any config tweaking, the WLC default behavior is:
- No IPv4 ARP proxy
- No IPv6 ND proxy (but with L2 Multicast->Unicast conversion of ND frames)
The current best practices state:
In Release 17.3, the Catalyst 9800 can be configured to act as a proxy for ARP traffic and respond on behalf of a registered client. The configuration is under the policy profile:
C9800(config)#wireless profile policy <name>
C9800(config-wireless-policy)#ipv4 arp-proxy
This is the recommended setting as it will save battery life on the wireless devices because the WLC will answer ARP on behalf of the device.
Go that ...
What about IPv6 (IPv6 is always forgotten ...)? Is there any recommendation regarding the "ipv6 nd full proxy"?
How do you guys handle L2 adress resolution in your Catalyst based (non-Flex, non-SDA) deployments?
03-31-2021 08:23 AM
Reach out to your Cisco SE and have him/her see if its in the roadmap. You know ipv6 is always a step behind:)
04-01-2021 01:04 AM
Hi Scott,
thank you for the reply. Sorry, maybe I explained the whole thing incorrect.
Beginning with 17.3 the "ipv6 nd full-proxy" was implemented - so the feature is there.
However, the best practices only give recommendations to implement the IPv4 ARP proxy. The document doesn't state anything regarding IPv6.
So what is the best approach here? I can't think of any drawbacks (except potential bugs) when implementing the IPv6 ND proxy (not considering IPv6 SEND).
My point of view is: If I proxy IPv4 adress resolution, I proxy IPv6 adress resolution as well to have consistency. But I might be wrong
04-01-2021 01:53 AM
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: