You are here: Home > CLI Commands > Just_CLI_Topics > ip mobile proxy

ip mobile proxy

ip mobile proxy

auth-sta-roam-only

block-dhcp-release

event-threshold <1-100>

log-trail

no-service-timeout <30-300>

on-association

refresh-stale-ip
stale-timeout <30-3600>

stand-alone-AP

trail-length <1-30>

trail-timeout <120-3600>

Description

This command configures the proxy mobile IP module in a mobility-enabled managed device.

Syntax

Parameter

Description

Range

Default

auth-sta-roam-
only

Allows a client to roam only if has been authenticated. If a client has not been authenticated, no mobility service is offered if it roams to a different VLANVirtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. or managed device.

enabled

block-dhcp-release

Filters out DHCPDynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network.  release from stations.

event-threshold

Maximum number of mobility events (events that can trigger mobility) handled per second. Mobility events above this threshold are ignored. This helps to control frequent mobility state changes when the client bounces back and forth on APs before settling down.

1-100

25

log-trail

Enables logging at the notification level for mobile client moves.

enabled

no-service-time
out

Time, in seconds, after which mobility service expires. If nothing has changed from the previous state, the client is given another bridge entry but it will have limited connectivity.

30-300

180

on-association

Enabling this option triggers mobility on station association.

Mobility move detection is performed when the client associates with the managed device and not when the client sends packets. Mobility on association can speed up roaming and improve connectivity for devices that can trigger mobility if they do not send many uplink packets. Downside is security; an association is all it takes to trigger mobility. This option is applicable only if layer-2 security is enforced. It is recommended to retain the default settings as this option causes more load in the system due to exchange of extra messages between managed device in the mobility domain.

disabled

refresh-stale-ip

Mobility forces station to renew its stale IP (assuming its DHCPDynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network. ) by deauthorizing the station.

 

 

stale-timeout

Number of seconds the mobility state is retained after the loss of connectivity. This allows authentication state and mobility information to be preserved on the home agent managed device. The default is 60 seconds but can be safely increased. Note that in many case a station state is deleted without waiting for the stale timeout; user delete from management, foreign agent to foreign agent hand-off, etc. (This is different from the no-service-timeout; no-service-timeout occurs up front while the stale-timeout begins when mobility service is provided but the connection is disrupted for some reason.)

30-3600

60

stand-alone-AP

Enables support for third party or stand-alone APs. When this is enabled, broadcast packets are not used to trigger mobility and packets from untrusted interfaces are accepted.

If mobility is enabled, you must also enable stand-alone AP for the client to connect to the managed device’s untrusted port. If the managed device learns wired users via the following methods, enable stand-alone AP:

Third party AP connected to the managed device through the untrusted port.

Clients connected to ENET1 on APs with two ethernet ports.

Wired user connected directly to the managed device’s untrusted port.

NOTE: When IP mobility is enabled, you must also enable the stand-alone AP Support option so that a Multiplexer (MUX) server can perform properly and display all wired users who are connected to a MUX port.

disabled

trail-length

Specifies the maximum number of entries (client moves) stored in the user mobility trail.

1-30

30

trail-timeout

Specifies the maximum interval, in seconds, an inactive mobility trail is held.

120-3600

600

Usage Guidelines

The proxy mobile IP module in a mobility-enabled managed device detects when a mobile client has moved to a foreign network and determines the home agent for a roaming client. The proxy mobile IP module performs the following functions:

Derives the address of the home agent for a mobile client from the HAT using the mobile client’s IP address. If there is more than one possible home agent for a mobile client in the HAT, the proxy mobile IP module uses a discovery mechanism to find the current home agent for the client.

Detects when a mobile client has moved. Client moves are detected based on ingress port and VLANVirtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. changes and mobility is triggered accordingly. For faster roaming convergence between AP(s) on the same managed device, it is recommended that you keep the on-association option enabled. This helps trigger mobility as soon as 802.11802.11 is an evolving family of specifications for wireless LANs developed by a working group of the Institute of Electrical and Electronics Engineers (IEEE). 802.11 standards use the Ethernet protocol and Carrier Sense Multiple Access with collision avoidance (CSMA/CA) for path sharing. association packets are received from the mobile client.

Example

The following command triggers mobility on station association:

(host) [mynode] (config) #ip mobile proxy on-association

Command History

Version

Modification

ArubaOS 8.0.0.0

Command introduced.

Command Information

Platform

License

Command Mode

All platforms

Available in the base operating system.

Config mode on Mobility Master.

/*]]>*/