Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

DHCP Behavior

This thread has been viewed 0 times

  • 1.  DHCP Behavior

    Posted Jan 07, 2012 10:44 AM

    I have two /24 vlans configured for my guest SSID, with the controller serving up DHCP.  I know this is the max addresses the controller can do.  I went live with this SSID about 2 weeks ago.  I have the lease time set to 4 hours, and I also raised the user idle timeout to the max allowed of 255 minutes.  I've noticed the controller never seems to hand out an address to a device other than the original one.  It started with the highest address in each DHCP scope (.254) and has been counting down with the addresses it hands out.  It got down to about .80 on each vlan on Friday.  The controller only shows about 150 used leases if you issue "show ip dhcp statistics."   I've noticed if I connect a test device, then disconnect and don't reconnect again for several days I still get the same address.  There seems to be some attachment between a mac and an IP that lasts well beyond the lease time.  Once the controller gets down to the lowest address in each pool will it start handing out the ones that were previously used but the lease has expired on?  That's what should happen, but again something odd seems to be going on.  I don't want to run out of addresses.



  • 2.  RE: DHCP Behavior

    EMPLOYEE
    Posted Jan 07, 2012 11:40 AM

    Many Devices automatically request the same address that they had previously and most dhcp servers, if the address is available, will give it back to the client.

     

    The big question is, why do you have the user idle timeout configured to 255?

     



  • 3.  RE: DHCP Behavior

    Posted Jan 08, 2012 10:26 AM
    @cjoseph wrote:

    Many Devices automatically request the same address that they had previously and most dhcp servers, if the address is available, will give it back to the client.

     

    The big question is, why do you have the user idle timeout configured to 255?

     

    Most of the devices on our guest network are employee's personal mobile devices.  When they go to sleep and then wake up they'd always have to reauthenticate (accept Terms & Conditions) since they would hit the default user idle timeout of 5 minutes, which made for a bad user experience from the CIO on down.  My boss wanted to set the timeout to infinity but that wasn't possible.



  • 4.  RE: DHCP Behavior

    EMPLOYEE
    Posted Jan 08, 2012 10:30 AM
    @bnine wrote:
    @cjoseph wrote:

    Many Devices automatically request the same address that they had previously and most dhcp servers, if the address is available, will give it back to the client.

     

    The big question is, why do you have the user idle timeout configured to 255?

     

    Most of the devices on our guest network are employee's personal mobile devices.  When they go to sleep and then wake up they'd always have to reauthenticate (accept Terms & Conditions) since they would hit the default user idle timeout of 5 minutes, which made for a bad user experience from the CIO on down.  My boss wanted to set the timeout to infinity but that wasn't possible.

    Got it.

     

    The downside is that your user table will be artificially inflated with devices that have not been there for quite some time (255 minutes).

     

    If you can, you might want to setup a 802.1x SSID just for employee devices that puts users to the GUEST wlan, and that might solve your problem.  Handheld devices all save credentials and will automatically connect users to the WLAN in the backround.