Diverse notes & Frequently asked questions

Notes

This section contains diverse notes & links. Its a good place to paste summaries of Forum discussions for example.

Wake on LAN (WoL)

Some users have used WoL, (see http://freenac.net/phpBB2/viewtopic.php?t=78& ) but a request to Cisco explained the following.

WoL and Dynamic VLANs are not compatible because when the PC is shut down, the NIC will be powered down for a split second. This causes the switch to detect the link-down event and to un-assign the port. When the NIC comes back online, the port does not belong to any VLAN and since no frames are received by the port, it would never initiate VMPS queries or forward broadcast/multicast to the device connected to it.

You can verify this on the logs of the switch, you connect a computer to one port of the switch, shut down the computer and you will see a log on the switch that show that the port went down and then back up, make sure you to enable the link-status log on the interface for the switch to show when it goes up/down, the command to enable it is ?logging event link-status? and it is apply on the interface configuration.

Unmanaged systems on dynamic ports?

Through the use of snmp_scan.php we can document the systems which are on a switch and how the port has been configured (static, dynamic, trunk). If a device is on a static port, snmp_scan will document it as an unmanaged system. This system is supposed to always use the same port and therefore the same vlan.

But what happens when we move an unmanaged system to a dynamic port?

When such a case arises, the device is not connected to the network. In the FreeNAC server we don't see any requests coming when we plug the unmanaged device into the dynamic port. On the switch we see that the port goes down and up, but it doesn't generate a VMPS request. So far we can say that "Nothing happens" which is odd, but it is what we've gotten. More tests need to be carried out.

These tests were carried out using a Cisco Catalyst 2940 switch and a Linux machine.

Store user information in VTP domain?

Another experimental feature which we are not going to implement is the following:

When we have FreeRadius using the rad2vmps script, we wanted to know if it was possible to somehow pass user information contained in a RADIUS request to the FreeNAC database, using the field "VTP domain" which is part of any VMPS request.

In tests performed, we were able to get the username from the VTP domain, but we wanted to gather more information, such as:

• Username
• Domain
• Radius port
• Authentication mechanism
• Commentary

Since the VTP domain only has space to hold 33 characters, this solution is neither practical, nor elegant, nor adequate.