Controller-less WLANs

How does Centralized L3 DHCP relay agent functionality works on IAP 4.0 ?

by on ‎06-29-2014 04:25 PM

 

•       Centralized L3 DHCP scope - Virtual Controller acts as DHCP Relay agent
•       Centralized DHCP server - provides IP addresses for multiple networks
•       VC and DHCP server are located in different network
•       VC acts as gateway for the clients
•       Typical deployment model is DHCP server is behind a controller on corporate network, which can be reached through IPSec.

Typical Scenario:-
--------------------


•       DHCP server is behind IPSec tunnel.
•       VC forwards DHCP requests through tunnel to reach DHCP server located at Corporate network
•       Route addition happens in controller for Centralized L3 network configured
•       Client traffic to non-corporate destinations will be src-natted on the IAP.


rtaImage.jpg





Configuration from WEBUI:-
----------------------------------


rtaImage.jpg



From CLI:-
-------------
 
6c:f3:7f:c3:5b:f8 (config) # ip dhcp cl3
6c:f3:7f:c3:5b:f8 (DHCP Profile "cl3") # server-type Centralized,L3
6c:f3:7f:c3:5b:f8 (DHCP Profile "cl3") # server-vlan 2003
6c:f3:7f:c3:5b:f8 (DHCP Profile "cl3") # dhcp-relay
6c:f3:7f:c3:5b:f8 (DHCP Profile "cl3") # vlan-ip 172.16.4.7 mask 255.255.255.0
6c:f3:7f:c3:5b:f8 (DHCP Profile "cl3") # dhcp-server 172.16.6.100
6c:f3:7f:c3:5b:f8 (DHCP Profile "cl3") # end
6c:f3:7f:c3:5b:f8# commit apply
committing configuration...
configuration committed.

6c:f3:7f:c3:66:ca# show dhcps
----  ---------  --------------  -------------
Other DHCP Scopes
-----------------
Name  Type            VLAN  Network  Netmask  Exclude Address  Default Router  DNS Server  Domain Name  Lease Time  DHCP Relay  DHCP Relay Servers  DHCP Option 82  DHCP Option  VLAN IP     VLAN Mask
----  ----            ----  -------  -------  ---------------  --------------  ----------  -----------  ----------  ----------  ------------------  --------------  -----------  -------     ---------
cl3   Centralized,L3  2003  0.0.0.0  0.0.0.0  0.0.0.0          0.0.0.0         0.0.0.0                  43200       ON          172.16.6.100        None                         172.16.4.7  255.255.255.0


Comments

Hi!

 

We have this working nicely on a wired uplink on the internet. When we switch to using a 3G modem as uplink everything works except the IP helper packet does not seem to be forwarded through the IPSEC tunnel (the packet never reaches the terminating controller).

 

Any idea what could be causing this problem with Centralized L3 and 3G/4G uplink?

Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.