Setting the Source Address of Offline Detection Packets

Context

The device sends an ARP probe packet to check the user online status. If the user does not respond within a detection period, the device considers that the user is offline.

Only wired users support this function.
This function does not take effect for users who use Layer 3 Portal authentication.
In the SVF or policy association scenario, you are advised to run the access-user arp-detect default ip-address command to set the source IP address of offline detection packets to 0.0.0.0. In the SVF scenario, the command must be configured on the control device and takes effect only for control device detection. The default source IP address of offline detection packets for access device detection is 0.0.0.0. In the policy association scenario, you can directly configure the command on access devices.
In normal situations, after a device sends an ARP probe packet with a default source IP address, online clients will immediately respond with ARP reply packets. If online clients do not respond with ARP reply packets, the device logs them out unexpectedly. To resolve this problem, use either of the following methods:
- Run the access-user arp-detect vlan vlan-id ip-address ip-address mac-address mac-address command to specify a VLAN ID, source IP address, and source MAC address for ARP probe packets.
- Run the authentication timer handshake-period handshake-period command to increase the handshake period so that the device can detect gratuitous ARP packets that these clients send at an irregular period. Once the device detects such packets, it does not log them out.

Procedure

Run system-view
The system view is displayed.
Set the source address of offline detection packets.
- Run access-user arp-detect default ip-address ip-address
  
  The default source IP address of offline detection packets is set.
  
  By default, the default source IP address of offline detection packets is 0.0.0.0.
- Run access-user arp-detect vlan vlan-id ip-address ip-address mac-address mac-address
  
  The source IP address and source MAC address are specified for offline detection packets in a VLAN.
  
  By default, the source IP address and source MAC address are not specified for offline detection packets in a VLAN.
  
  You are advised to set the user gateway IP address and its corresponding MAC address as the source IP address and source MAC address of offline detection packets.
- Run access-user arp-detect fallback ip-address { mask | mask-length }
  
  The IP address required for calculating the source address of offline detection packets is configured.
  
  By default, no IP address is configured for the device to calculate the source address of offline detection packets.
The following source IP addresses used in offline detection packets are listed in descending order of priority:
1. IP address of the VLANIF interface corresponding to the VLAN that users belong to and on the same network segment as users
2. Source IP address specified using the access-user arp-detect vlan vlan-id ip-address ip-address mac-address mac-address command for offline detection packets in a specified VLAN
3. Source IP address calculated based on the IP address specified using the access-user arp-detect fallback ip-address { mask | mask-length } command
4. Default source IP address specified using the access-user arp-detect default ip-address ip-address command for offline detection packets
A modification on the source address of offline detection packets takes effect immediately for users who go online on an Eth-Trunk and users who go online on physical interfaces of the S5720-HI, S5731-H, S5731S-H, S5731-S, S5731S-S, S5732-H, S6730-H, S6730S-H, S6730-S, S6730S-S, S5730-HI, and S6720-HI. In other scenarios, the modification is effective only for new online users.
Run access-user arp-detect delay delay
The delay for sending offline detection packets is configured.

By default, the delay in sending offline detection packets is 10 seconds.