Webex HELD Discovery

HELD Overview

HELD supports automatic geolocation resolution by correlating devices connected to switches, switchports, subnets, and upstream layer 3 (IP) gateways (gateway MAC) using data presented in HELD requests.

Administrators should create the network entities, such as network switchports, for the equipment they own and manage. They should assign geolocations to these entities before deploying Webex with HELD to lessen the burden on end-users to define locations within the corporate network.

We do not recommend administrators create network entities and locations for users' home or remote network infrastructure.

User-Preferred Geolocations

9Line supports users defining geolocations other than the administrator-assigned location. This capability supports scenarios such as a user on a floor other than the access point to which they are connected.

When a user sets a geolocation different from what is assigned to a switchport, switch, or Wi-Fi infrastructure device, the geolocation preference will be remembered for the user with that network entity, excluding subnets. This means the geolocation will be returned for future requests when the user initiates a HELD Request Location request for the same network entity.

When a user sets a valid location using a HELD Set Location request, a record is created or updated in the database, linking the user and infrastructure to the geolocation in the request. This record is used during subsequent HELD Request Location requests to remember the preferred geolocation for the specific user and infrastructure.

When a user is deleted, their user-preferred geolocations are also deleted.

Geolocation Determination Criteria

When a Webex App communicates with 9Line, Webex will use HELD to supply information about its current network connection that it can discover. If this information matches existing network entity and location information, as would be expected for pre-configured corporate network entities, the 9Line system will provide the Webex App with the location assigned to the network entity.

When a HELD Request Location request is received, infrastructure and user geolocation preferences are used to determine the geolocation are prioritized in the following order (highest to lowest):

• User-Preferred Switchport
• Switchport
• Switch
• BSSID of a Wi-Fi AP infrastructure device
• Subnet
• The upstream Gateway MAC address (the MAC address of the default gateway for a subnet)
• Manual assignment of a location to a Webex device

However, the Webex App does not prevent a user from specifying a location, even when 9Line has previously provided a location.

As discussed previously, if the user chooses to specify their own location, 9Line tracks the geolocation as a user-preferred geolocation. This geolocation will continue to be the geolocation returned in HELD Request Location requests until one or more of the following device's data changes:

• Device MAC address
• Device IP
• Connected BSSID
• Connected switchport ID
• Connected switch Chassis ID
• MAC Address of the upstream gateway

Determining the Geolocation for a Switchport

If the Webex App is connected to a properly configured LLDP-enabled switch, the app will report the chassis ID and switchport ID via HELD.

These identifiers are decoded to query the database to find the user-preferred geolocation for the switchport if it has been previously set.

If no user-preferred geolocation is found, the database is queried to find a geolocation assigned to a switchport matching the port ID and chassis ID by an administrator.

Determining the Geolocation for a Switch

If the Webex App is connected to a properly configured LLDP-enabled switch but the switch does not advertise a port ID, the Webex App will report the switch's chassis ID via HELD.

The identifier is decoded to query the database to find a user-preferred geolocation for the switch if it has been previously set.

If no user-preferred geolocation is found, the database is queried to find a geolocation assigned to a switch with a chassis ID matching the decoded chassis ID by an administrator.

Determining the Geolocation for a Wi-Fi Access Point

If the Webex App is connected to a wireless access point, the app will report the BSSID of the access point via HELD.

These identifiers are decoded to query the database to find the user-preferred geolocation for the BSSID if the user has previously set a geolocation.

If no user-preferred geolocation is found, the database is queried to find a geolocation assigned to a BSSID by an administrator.

Determining the Geolocation for a Subnet

When the Webex App cannot obtain LLDP information or is not connected to a BSSID, the app will report its IP via HELD.

The 9Line system will use the IP address to query for a matching subnet and the assigned geolocation of a subnet containing the IP.

Users cannot create user-preferred geolocations for subnet entities.

Determining the Geolocation for a Gateway MAC

This scenario requires the following conditions:

• No LLDP information is presented to 9Line.
• No BSSID information is presented to 9Line.
• No subnet is configured, or the reported IP address does not match a configured subnet, in the 9Line portal.

If all conditions are met, 9Line will inspect the Gateway MAC presented by the Webex App. 9Line will use the assigned geolocation of the gateway MAC address.

Users cannot create user-preferred geolocations for Gateway MAC entities.

9Line Agent-Managed Switches

Switches must be configured for LLDP and LLDP must be selected in the 9Line portal when adding the switch. 9Line will use SNMP to query the switch for all switchport IDs and the chassis ID.

📘

Every switch in your environment must have a unique chassis ID.

The following OIDs are used by 9Line to obtain this information:

• Chassis ID OID: 1.0.8802.1.1.2.1.3.2.0
• Chassis ID Subtype OID: 1.0.8802.1.1.2.1.3.1.0
• Port ID OID: 1.0.8802.1.1.2.1.3.7.1.3
• Port ID Subtype OID: 1.0.8802.1.1.2.1.3.7.1.2

Because the Chassis ID is integral in the matching process, if you change the Chassis ID or the ID subtype (this is not typical), the discovery services will not function as expected and will cause requests to appear to be from a different switch.

The agent cannot correlate switches that don’t have data for the LLDP OIDS that specify switch chassis ID and switchport ID data. You must ensure that your switches report switchport IDs and the chassis ID for wired discovery to function as expected.