Wireless Access

Reply

DHCP server behind a wired RAP port

Hi Airheaders!

 

I have a use case where we want to place RAP3:s on selected sites and build a L2 tunnels to a centrally placed controller. On the centrally placed controller we want to be able to connect clients and recieve IP-adress from the DHCP server that´s placed on the RAP3 side of the tunnel. This isn´t working right now. If we assign IP-address statically we have connectivity.

 

Ports on RAP are trusted, the port on controller side is trusted. What am I missing to make broadcast/DHCP work from an access port on the controller to the DHCP server placed on the wired port of the RAP3?

 

Trying code 6.5.2.0 now.

 

Cheers,

Christoffer Jacobsson | Aranya AB
Aruba: ACMX #537 ACCP | CWNP: CWNA CWDP CWSP CWAP
Guru Elite

Re: DHCP server behind a wired RAP port

It will not work that way. There are many rap deployments that have been destroyed by users plugging in tunneled ports to the cable modem. I believe DHCP is blocked if it is not coming from the controller or the controller's side of the network.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Re: DHCP server behind a wired RAP port

Thanks cjoseph! **bleep** that´s what we were afraid of. Do you know of any way to override this or perhaps a version of code that it will work on?

 

What about putting the RAP3 as instant and doing a centralized L2 tunnel? Will it still block DHCP?

 

Cheers,

Christoffer Jacobsson | Aranya AB
Aruba: ACMX #537 ACCP | CWNP: CWNA CWDP CWSP CWAP

Re: DHCP server behind a wired RAP port

We tried running this setup with Instant-VPN instead but we get the same type of behaviour. We can get DHCP address locally on the IAP (from port 1 to port 2 for example) but as soon as the DHCP offer needs to traverse the tunnel to the controller it doesn´t work.

 

We tried Aruba IPSEC and also GRE with the same type of error. I´m not sure why it blocks DHCP over a GRE tunnel, I´m almost sure that I´ve made for example guest networks that recieve their DHCP from the other end of a GRE tunnel from the controllers perspective. So perhaps the limitation is on the AP side that a DHCP offer is never passed over a tunnel?

 

Anyway, this setup seems to be doomed. :(

 

Cheers,

Christoffer Jacobsson | Aranya AB
Aruba: ACMX #537 ACCP | CWNP: CWNA CWDP CWSP CWAP
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: