Got it
Enterprise
Community Forums Switches
ARP detect fail

ARP detect fail

Created: Oct 23, 2019 08:25:17Latest reply: Oct 23, 2019 08:27:56 434 1 1 1
  Rewarded HiCoins: 0 (problem resolved)
display all floors #1

Mac address authentication is performed on the switch. After the authentication succeeds, the user goes offline every 5 minutes.

The command output shows that the user goes offline because the ARP probe is offline.


[XXX]display aaa offline-record all

  ------------------------------------------------------------------------------

  Username             :121d7t32rea5

  Domainname           : mac_authen

  UserMAC             : 121d-XXXX-XXXX

  User accesstype      : MAC

  User accessinterface : GigabitEthernet0/0/1

  Qinq vlan/Uservlan   : 0/110

  User IPaddress       : x.x.x.x

  UserID              : 314

  User logintime       : 2019/10/19 19:07:39

  User offlinetime     : 2019/10/19 19:12:39

  User offline reason  : ARP detect fail

  ------------------------------------------------------------------------------


  • x
  • convention:

I have this problem too (1) Favorite(1) Share Report
Previous: I think there is a bug on S5321-28P-SI-AC switches
Next: S5732 Support MPLS
Featured Answers

Best answer

Recommended answer

(0) (0)
Popeye_Wang
Admin Created Oct 23, 2019 08:27:56 Helpful(0) Helpful(0)

Hi,

The device sends an ARP probe packet to check the user online status. If the user does not respond within a detection period, the device considers that the user is offline.

If the VLAN to which the user belongs does not have a VLANIF interface or the VLANIF interface does not have an IP address, the device sends an offline detection packet using 0.0.0.0 as the source IP address. Some terminals cannot respond to an ARP probe packet with the source IP address 0.0.0.0. Therefore, the device logs them out unexpectedly after the default detection period (5 minutes).

 To resolve this problem, use either of the following methods:

  • Run the access-user arp-detect vlan vlan-id ip-address ip-address mac-address mac-address command to specify a VLAN ID, source IP address, and source MAC address for ARP probe packets.

//In this case access-user arp-detect vlan 110 ip-address x.x.x.x(gateway) mac-address 121d-XXXX-XXXX

  • Run the authentication timer handshake-period handshake-period command to increase the handshake period so that the device can detect gratuitous ARP packets that these clients send at an irregular period. Once the device detects such packets, it does not log them out.

Refer to https://support.huawei.com/hedex/hdx.do?docid=EDOC1100101074&id=EN-US_TASK_0176368884&text=Setting%252520the%252520Source%252520Address%252520of%252520Offline%252520Detection%252520Packets&lang=en

Hope this can help you.

View more
  • x
  • convention:
All Answers
Popeye_Wang
Popeye_Wang Admin Created Oct 23, 2019 08:27:56 Helpful(0) Helpful(0)

Hi,

The device sends an ARP probe packet to check the user online status. If the user does not respond within a detection period, the device considers that the user is offline.

If the VLAN to which the user belongs does not have a VLANIF interface or the VLANIF interface does not have an IP address, the device sends an offline detection packet using 0.0.0.0 as the source IP address. Some terminals cannot respond to an ARP probe packet with the source IP address 0.0.0.0. Therefore, the device logs them out unexpectedly after the default detection period (5 minutes).

 To resolve this problem, use either of the following methods:

  • Run the access-user arp-detect vlan vlan-id ip-address ip-address mac-address mac-address command to specify a VLAN ID, source IP address, and source MAC address for ARP probe packets.

//In this case access-user arp-detect vlan 110 ip-address x.x.x.x(gateway) mac-address 121d-XXXX-XXXX

  • Run the authentication timer handshake-period handshake-period command to increase the handshake period so that the device can detect gratuitous ARP packets that these clients send at an irregular period. Once the device detects such packets, it does not log them out.

Refer to https://support.huawei.com/hedex/hdx.do?docid=EDOC1100101074&id=EN-US_TASK_0176368884&text=Setting%252520the%252520Source%252520Address%252520of%252520Offline%252520Detection%252520Packets&lang=en

Hope this can help you.

View more
  • x
  • convention:
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Copyright © 2020 Huawei Technologies Co., Ltd. All rights reserved.

APP

Huawei Enterprise Support Community
Huawei Enterprise Support Community
Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.