1. Why does the slave IAP send DHCP requests to the VC in a cluster?
2. Why we shouldn't DHCP on IAP up-link ports when we have a VC assigned SSID?
1. In a cluster, DHCP server for the network assigned SSID runs on the VC.
2. This ensures that DHCP bindings are not lost when the slave AP goes down risking clients getting duplicate IP address leases.
3. When a SSID is VC assigned, the the slave IAPs relay the DHCP from the client to the VC.
Lets have a look at the DHCP PCAP taken at IAP uplink in a cluster of two IAPS:
1. VC: 192.168.1.64
2. Slave IAP: 192.168.1.66
Above we see:
1. DHCP discover is sent from the slave IAP to the VC.
2. The Relay agent in the DHCP discover is the slave IAPs IP address.
3. The DHCP transactions are unicast.
Thus DHCP shouldn't be blocked on the uplink ports of IAP as the client's DHCP request is unicasted by the slave IAP to VC for a VC assigned SSID.