So you want to deploy IPv6 on your wireless network. You want to use SLAAC and you want logging of those SLAAC addresses.

Straight from the horse's mouth:

Q: What are IPv6 private addresses and why are they important to track?

A: Private (also known as temporary) addresses are randomly generated by the client when SLAAC address assignment is in use. These addresses are often rotated at a frequency of a day or so, as to prevent host traceability that would come from using the same host postfix (last 64 bits) at all times. It is important to track these private addresses for auditing purposes such as tracing copyright infringement. Cisco NCS records all IPv6 addresses in use by each client and historically logs them each time the client roams or establishes a new session. These records can be configured at NCS to be held for up to a year.

Pasted from <http://www.cisco.com/en/US/products/ps10315/products_tech_note09186a0080bae506.shtml#faqs>

BUT Cisco NCS or PI doesn't make it easy for you. It keeps the addresses somewhere in the database, but as soon as the client has disassociated you can't search for the IPv6 address anymore. Disassociated IPv4 addresses can still be searched, though.

So much for IPv6 parity.

RADIUS to the rescue?

But wait, we've got RADIUS accounting, right? You'll see the Framed-IP-Address attribute and this will show you the IPv6 address, right? RIGHT?

As we all know, IPv6 is a very new protocol (only about 15 years old), so of course there isn't support for IPv6 in the Framed-IP-Address attribute. There is a draft proposing Framed-IPv6-Address (also very new, only 3 years old). (See http://tools.ietf.org/html/draft-ietf-radext-ipv6-access-16 for more info.)

So, no searching and no IPv6 address logging by RADIUS.

So much for IPv6 parity, again.

But according to the documentation (see above), Cisco is recording those addresses somewhere...

Reports to the rescue!

The workaround is reports:

Go to the report launch pad - Client - Client Sessions

Create a new report:
- report by SSID (or your own favorite source)
- reporting criteria (all SSIDs)
- reporting period: select last 7 days

Customize the report, where you can find the most important data field: "Global Unique". This will show you the IPv6 address. Now you can schedule this report weekly and you've got weekly CSV files containing all the necessary information of the users.
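
To look up one address in those scheduled CSV exports after the fact, a small search script helps. This is an added example, not part of the original post or of Cisco's tooling; only the "Global Unique" column name comes from the report described above, while the other column names, the multi-address separators and the sample rows are assumptions.

```python
import csv
import io
import ipaddress
import re

# Constructed sample of an exported Client Sessions report. Only the
# "Global Unique" column name comes from the post; the other column names
# and all values are assumptions for illustration.
SAMPLE_CSV = """Client Username,Client MAC Address,Association Time,Global Unique
alice,00:11:22:33:44:55,2013-03-04 09:12:00,2001:db8:0:1:a1b2:c3d4:e5f6:1
bob,66:77:88:99:aa:bb,2013-03-04 10:01:00,"2001:DB8:0:1:0:0:0:2; 2001:db8:0:1:9999::7"
carol,cc:dd:ee:ff:00:11,2013-03-05 08:30:00,
"""

def parse_addresses(cell):
    """Return the set of valid IPv6 addresses found in one report cell."""
    found = set()
    for token in re.split(r"[,;\s]+", cell or ""):
        try:
            # Drop a zone id ("%wlan0") if the export happens to include one.
            addr = ipaddress.ip_address(token.split("%")[0])
        except ValueError:
            continue  # empty cell or non-address text
        if addr.version == 6:
            found.add(addr)
    return found

def find_sessions(csv_file, wanted, column="Global Unique"):
    """Yield report rows whose IPv6 column contains `wanted`.

    Addresses are compared after parsing, so compressed, expanded and
    upper-case spellings of the same address all match.
    """
    target = ipaddress.IPv6Address(wanted)
    for row in csv.DictReader(csv_file):
        if target in parse_addresses(row.get(column)):
            yield row

def search_text(text, wanted):
    """Convenience wrapper: search CSV content held in a string."""
    return list(find_sessions(io.StringIO(text), wanted))

if __name__ == "__main__":
    # For real exports, pass open(path, newline="") to find_sessions instead.
    for hit in search_text(SAMPLE_CSV, "2001:db8:0:1::2"):
        print(hit["Client Username"], hit["Client MAC Address"],
              hit["Association Time"])
```

Comparing parsed addresses rather than strings matters here because an abuse report and the export rarely spell the same address the same way.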

If anyone has a better workaround, please share!