Configuring Device Sensor - Cisco Catalyst 4500 Series Software Configuration Manual

Chapter 49 Configuring 802.1X Port-Based Authentication
mDNS compatible devices (Axis, Pelco cameras etc) send mDNS messages for DNS service discovery to a multicast IP address
(224.0.0.251) on a standard mDNS port 5353. The mDNS client module listens to this UDP port, receives the mDNS message,
and sends it in TLV format to the mDNS IOS sensor shim for further device classification. The module parses the mDNS query
and Answer messages fields to create these TLVs.
A Session Initiation Protocol (SIP) registration message is used for SIP based device-discovery and is sent to Cisco Call
manager by the SIP Client. A H.225 RAS client registration message is used for H323-based device discovery.
If no Cisco Unified Communicator Manager or GateKeeper exists in the topology, the Endpoint will not generate device
Register messages. To handle device discovery in these scenarios, MSP expects the endpoint to make a SIP or H323 call so that
MSP snoops the SIP invite or the H323 setup message to identify endpoint details and notify the IOS sensor.
After the IOS sensor receives these protocol details from MSP, the IOS sensor prepares Normalized TLVs, with the new
protocols. These protocol details are sent to session manager for further classification.

Configuring Device Sensor

Device Sensor is enabled by default. Complete the following tasks when you want Device Sensor to include or exclude a list
of TLVs (termed filter lists) for a particular protocol.
Note If you do not perform any Device Sensor configuration tasks, the following TLVs are included by
default:
• CDP filter--secondport-status-type and powernet-event-type (types 28 and 29)
• LLDP filter--organizationally-specific (type 127)
DHCP filter--message-type (type 53)
•
• Enabling MSP, page 49-117
• Enabling Accounting Augmentation, page 49-118
• Creating a Cisco Discovery Protocol Filter, page 49-118
Creating an LLDP Filter, page 49-119
•
Creating a DHCP Filter, page 49-119
•
Applying a Protocol Filter to the Device Sensor Output, page 49-120
•
Tracking TLV Changes, page 49-120
•
Verifying the Device Sensor Configuration, page 49-121
•
Troubleshooting Commands, page 49-122
•
Restrictions for Device Sensor, page 49-122
•
Enabling MSP
You must configure the MSP profile flow command to activate the MSP platform Packet parser. This is because the MSP device
handler is tightly coupled with MSP flow parser. Not enabling this command means that MSP will not send SIP, H323
notifications to the IOS sensor.
To enable MSP, follow these steps, beginning in privileged EXEC mode:
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Configuring Device Sensor
49-117