- Table of Contents
- Related Documents
-
Title | Size | Download |
---|---|---|
03-Client roaming center commands | 52.88 KB |
Client roaming center commands
address-security cache
Use address-security cache to set the aging timer for address security entries.
Use undo address-security cache to restore the default.
Syntax
address-security cache { ipv4-aging-time aging-time | ipv6-aging-time aging-time }
undo address-security cache { ipv4-aging-time | ipv6-aging-time }
Default
The aging timer is 14400 seconds for IPv4 entries and 604800 seconds for IPv6 entries.
Views
Client roaming center view
Predefined user roles
network-admin
Parameters
ipv4-aging-time: Specifies IPv4 address security entries.
ipv6-aging-time: Specifies IPv6 address security entries.
aging-time: Specifies the aging timer. The value range is 600 to 86400 seconds for IPv4 entries and 600 to 1296000 seconds for IPv6 entries.
Usage guidelines
The client roaming center generates address security entries at client associations to record client MAC address, IP address, and username information. When the aging timer of an entry expires, the client roaming center deletes the entry.
As a best practice, set an aging timer not larger than the lease of the IP addresses assigned to clients by the DHCP server.
Examples
# Set the aging timer of IPv4 address security entries to 600 seconds.
<Sysname> system-view
[Sysname] client roaming-center
[Sysname-client-roaming-center] address-security cache ipv4-aging-time 600
Related commands
address-security enable
client roaming-center
Use client roaming-center to create a client roaming center and enter its view, or enter the view of an existing client roaming center.
Use undo client roaming-center to delete the client roaming center.
Syntax
client roaming-center
undo client roaming-center
Default
No client roaming center exists.
Views
System view
Predefined user roles
network-admin
Usage guidelines
An AC can act as a client roaming center to synchronize information about associated clients to the WLAN roaming center. This allows the WLAN roaming center to monitor client MAC address and IP address spoofing.
You cannot configure an AC to act as both a client roaming center and the WLAN roaming center.
If you delete the client roaming center, the AC cannot report information about its associated clients to the WLAN roaming center. Please be cautious.
Examples
# Create a client roaming center and enter its view.
<Sysname> system-view
[Sysname] client roaming-center
[Sysname-client-roaming-center]
response-timeout
Use response-timeout to set the response timeout timer for packets to the WLAN roaming center.
Use undo response-timeout to restore the default.
Syntax
response-timeout timeout
undo response-timeout
Default
The response timeout timer is 3 seconds.
Views
Client roaming center view
Predefined user roles
network-admin
Parameters
timeout: Specifies the timeout timer in the range of 1 to 10 seconds.
Usage guidelines
The client roaming center sends client data synchronization and echo packets to the WLAN roaming center periodically. If it fails to receive a response before the response timeout timer expires, it retransmits the packets.
Examples
# Set the response timeout timer to 2 seconds for packets to the WLAN roaming center.
<Sysname> system-view
[Sysname] client roaming-center
[Sysname-client-roaming-center] response-timeout 2
retry
Use retry to set the maximum number of transmission attempts for packets to the WLAN roaming center.
Use undo retry to restore the default.
Syntax
retry retries
undo retry
Default
The maximum number of transmission attempts is 5.
Views
Client roaming center view
Predefined user roles
network-admin
Parameters
retries: Specifies the maximum number of transmission attempts in the range of 1 to 10.
Usage guidelines
The client roaming center sends client data synchronization and echo packets to the WLAN roaming center periodically. If it fails to receive a response before the response timeout timer expires, it retransmits the packets. If the client roaming center fails to receive any response after the last transmission attempt, it determines that the synchronization has failed.
Examples
# Set the maximum number of transmission attempts to 4 for packets to the WLAN roaming center.
<Sysname> system-view
[Sysname] client roaming-center
[Sysname-client-roaming-center] retry 4
roaming-center enable
Use roaming-center enable to enable the client roaming center.
Use undo roaming-center enable to disable the client roaming center.
Syntax
roaming-center enable
undo roaming-center enable
Default
The client roaming center is disabled.
Views
Client roaming center view
Predefined user roles
network-admin
Usage guidelines
This feature enables the AC to act as a client roaming center to synchronize information about associated clients to the WLAN roaming center. This allows the WLAN roaming center to monitor client MAC address and IP address spoofing.
For the client roaming center to take effect, you must also configure address security.
With address security configured, disabling the client roaming center disables new clients from coming online even if the clients can pass 802.1X authentication. Online clients are not affected.
Examples
# Enable the client roaming center.
<Sysname> system-view
[Sysname] client roaming-center
[Sysname-client-roaming-center] roaming-center enable
wlan-roaming-center ip
Use wlan-roaming-center ip to specify an IP address of the WLAN roaming center.
Use undo wlan-roaming-center ip to restore the default.
Syntax
wlan-roaming-center ip ip-address
undo wlan-roaming-center ip
Default
No WLAN roaming center IP address is specified.
Views
Client roaming center view
Predefined user roles
network-admin
Parameters
ip-address: Specifies an IP address of the WLAN roaming center.
Usage guidelines
Perform this task to specify an IP address of the WLAN roaming center for the client roaming center to communicate with the WLAN roaming center.
You can specify only one IP address (IPv4 or IPv6) of the WLAN roaming center for a client roaming center. The address can be any IP address used by the WLAN roaming center. If you execute this command multiple times, the most recent configuration takes effect.
As a best practice to ensure data consistency, do not change the specified IP address of the WLAN roaming center when online clients are present.
Examples
# Specify 192.168.0.111 of the WLAN roaming center for a client roaming center.
<Sysname> system-view
[Sysname] client roaming-center
[Sysname-client-roaming-center] wlan-roaming-center ip 192.168.0.111
wlan-roaming-center port
Use wlan-roaming-center ip to specify the UDP port number of the WLAN roaming center.
Use undo wlan-roaming-center port to restore the default.
Syntax
wlan-roaming-center port port-number
undo wlan-roaming-center port
Default
The UDP port number of the WLAN roaming center is 60035.
Views
Client roaming center view
Predefined user roles
network-admin
Parameters
port-number: Specifies the UDP port number of the WLAN roaming center, in the range of 1 to 65534.
Usage guidelines
Perform this task to specify the UDP port number of the WLAN roaming center for the client roaming center to communicate with the WLAN roaming center.
Make sure the specified UDP port number is the same as the UDP port number configured in WLAN roaming center view.
As a best practice to ensure data consistency, do not change the specified port number of the WLAN roaming center when online clients are present.
As a best practice to avoid data residuals, disable the WLAN roaming center before you change the UDP port number.
Examples
# Specify UDP port number 50102 of the WLAN roaming center.
<Sysname> system-view
[Sysname] client roaming-center
[Sysname-client-roaming-center] wlan-roaming-center port 50102
Related commands
port (WLAN Roaming Command Reference)