Controller Based WLANs

How is DHCP-option based UDR is implemented?

by on ‎07-01-2014 03:38 AM

This article applies to Aruba Mobility Controllers running Aruba OS.

 

The DHCP option feature allows you to assign a user role or VLAN to a client device type by identifying a
DHCP signature for that device. DHCP-Option based UDR has the highest priority and cannot be overridden by further L2 authentication, unless RADIUS server sends “Aruba-No-DHCP-Fingerprint” VSA attribute during L2 auth.
 

Before creating a DHCP-Option based UDR (User Derivate Rule), one have to find the DHCP signature of a client which is specific to client operating system. This signature is sent by client in the initial DHCP discover packet and for this reason the new rules will not take effect until the user is completely deleted from the controller and rejoins.

Below debug need to be enabled on controller to identify DHCP signature :
 

  • logging level debugging network subcat dhcp
  • logging level debugging network process dhcpd

 

Below is the output shown from a controller

(Aruba) #show log network all | include ption

Jun 14 04:18:54 :202536:  <DBUG> |dhcpdwrap| |dhcp| Datapath vlan4: REQUEST 24:77:03:5d:b0:80 Transaction ID:0xf0a31ca6 reqIP=4.4.4.3 Options 3d:012477035db080 0c:41646d696e2d5043 51:00000041646d696e2d50432e726468696d616e2e776c616e 3c:4d53465420352e30 37:010f03062c2e2f1f2179f


NOTE: DHCP signature ID is not case sensitive and need to be entered removing the colon. For example, the above signature need to be entered as 37010f03062c2e2f1f2179f

 

Following is the DHCP-Option UDR configuration show from controller CLI:


rtaImage 1.jpeg

 

NOTE: DHCP-Option-77 rules in UDR is only for wired-users.

Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.