Leveraging SNMP to detect your mobile device

Tags: #<Tag:0x00007f7455fbbc58>

So like most I’ve experienced the network binding loosing track of mobile devices on my network; and while arping does resolve a lot of these issues, I originally created my openhab server in a different subnet/VLAN. For those who are not network savy arping does not work well in this scenario as it will resolve to the VLAN gateway IP and never change the mobile device to OFF.

So while the tasker guide I wrote up works well, I occasionally had hiccups (mainly from the wife’s phone); so I decided to let my network equipment tell me if the devices were around.

Network equipment being used (other equipment may work):
Cisco 3750
Cisco 1130s
Ubuntu server with snmpwalk (only used to test OID queries), the cisco OIDs are as follows (I also changed my internal values)

  • Switch ARP entries - snmpwalk -c public -v 2c 192.168.1.1 .1.3.6.1.2.1.3.1.1.3
  • AP Association – snmpwalk -c public.9.9.273.1.2.1.1.16

Items file:

Group:Switch:OR(ON, OFF) phone1V
Switch phone1           "phone1"                    (phone1V, gPersist)    { snmp="<[192.168.1.1:public:.1.3.6.1.2.1.3.1.1.3.100.1.192.168.0.5:10000:MAP(arp.map)]" }  
Switch phone1_ap1_24    "phone1 Association Ap1"    (phone1V, gPersist)    { snmp="<[192.168.1.2:public:.1.3.6.1.4.1.9.9.273.1.2.1.1.16.random.generated.values:10000:MAP(assoc.map)]"}
Switch phone1_ap1_5     "phone1 Association Ap1"    (phone1V, gPersist)    { snmp="<[192.168.1.2:public:.1.3.6.1.4.1.9.9.273.1.2.1.1.16.random.generated.values:10000:MAP(assoc.map)]"}

2 MAP transformations are required, as IPs and hex IPs are not switchable on their own:
arp.map

192.168.0.5=ON
Null=OFF

assoc.map

c0\.a8\.00\.05=ON
00\:00\:00\:00=OFF
Null=OFF

Super useful website to convert IP to hex - https://www.browserling.com/tools/ip-to-hex. Also fun discovery openhab by default requires the \ when it comes to special characters, don’t recall exactly which posting had this nugget, just keep that in mind.

After originally getting this to work I did a test run and noticed mobile devices being monitored would show up instantly, however it would take hours before it would change…another great lesson, Cisco by default has a 4 hour timeout for ARP entries. So some light googling and you can change the timeout value with this on the VLAN interface arp timeout 180. I’m sure there is a reason for a 4 hour timeout, but so far for a home network I have not discovered any issues.

I also worked with a co-worker and did the same SNMP setup with his cisco 3560 switch and 1242 access points. We are still troubleshooting his wife’s phone, but he is also seeing the same reliability as I do.
Hopefully this will help others who want to monitor mobile devices but also want to keep openhab out of the same subnet as all your other devices.

4 Likes

The TP-Link Archer VR9000 has a table of connected devices or ARP entries under the OID: 1,3,6,1,2,1,4,22,1,2,16

Dynamic entries with the IP as the dynamic portion of the key:

eg.
IP-MIB::ipNetToMediaPhysAddress.16.10.0.0.202 = STRING: 80:58:xx:xx:xx:xx
or numerically:
.1.3.6.1.2.1.4.22.1.2.16.10.0.0.202 = STRING: 80:58:xx:xx:xx:xx

The expiry time on an ARP entry is very short, with the entry for the phone disappearing within seconds of an adminstrative disconnect (turning Wifi OFF on the phone) and within minutes of the phone going out of range (not quantitative tested as it’s difficult to do). The entry appears within seconds of the phone connecting to Wifi.

Note, the only way to read these dynamic OIDs is to walk the table and filter for the MAC address you want. Of course if the phone has a static IP, you could technically concatenate the IP as the final dynamic portion of the OID and use a GET, and if present the phone is present.

Test device:
Firmware Version:0.2.0 0.9.1 v0069.0 Build 170303 Rel.59897n Hardware Version:Archer VR900 v3 00000000

2 Likes