Wireless Access

Reply
Occasional Contributor II
Posts: 11
Registered: ‎09-12-2011

DHCP Behavior

I have two /24 vlans configured for my guest SSID, with the controller serving up DHCP.  I know this is the max addresses the controller can do.  I went live with this SSID about 2 weeks ago.  I have the lease time set to 4 hours, and I also raised the user idle timeout to the max allowed of 255 minutes.  I've noticed the controller never seems to hand out an address to a device other than the original one.  It started with the highest address in each DHCP scope (.254) and has been counting down with the addresses it hands out.  It got down to about .80 on each vlan on Friday.  The controller only shows about 150 used leases if you issue "show ip dhcp statistics."   I've noticed if I connect a test device, then disconnect and don't reconnect again for several days I still get the same address.  There seems to be some attachment between a mac and an IP that lasts well beyond the lease time.  Once the controller gets down to the lowest address in each pool will it start handing out the ones that were previously used but the lease has expired on?  That's what should happen, but again something odd seems to be going on.  I don't want to run out of addresses.

Guru Elite
Posts: 21,291
Registered: ‎03-29-2007

Re: DHCP Behavior

Many Devices automatically request the same address that they had previously and most dhcp servers, if the address is available, will give it back to the client.

 

The big question is, why do you have the user idle timeout configured to 255?

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II
Posts: 11
Registered: ‎09-12-2011

Re: DHCP Behavior


cjoseph wrote:

Many Devices automatically request the same address that they had previously and most dhcp servers, if the address is available, will give it back to the client.

 

The big question is, why do you have the user idle timeout configured to 255?

 


Most of the devices on our guest network are employee's personal mobile devices.  When they go to sleep and then wake up they'd always have to reauthenticate (accept Terms & Conditions) since they would hit the default user idle timeout of 5 minutes, which made for a bad user experience from the CIO on down.  My boss wanted to set the timeout to infinity but that wasn't possible.

Guru Elite
Posts: 21,291
Registered: ‎03-29-2007

Re: DHCP Behavior

[ Edited ]

bnine wrote:

cjoseph wrote:

Many Devices automatically request the same address that they had previously and most dhcp servers, if the address is available, will give it back to the client.

 

The big question is, why do you have the user idle timeout configured to 255?

 


Most of the devices on our guest network are employee's personal mobile devices.  When they go to sleep and then wake up they'd always have to reauthenticate (accept Terms & Conditions) since they would hit the default user idle timeout of 5 minutes, which made for a bad user experience from the CIO on down.  My boss wanted to set the timeout to infinity but that wasn't possible.


Got it.

 

The downside is that your user table will be artificially inflated with devices that have not been there for quite some time (255 minutes).

 

If you can, you might want to setup a 802.1x SSID just for employee devices that puts users to the GUEST wlan, and that might solve your problem.  Handheld devices all save credentials and will automatically connect users to the WLAN in the backround.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: