Wireless Access

Reply
Occasional Contributor II

Dhcp Local to Building issue

I have 18 buildings connected to our data center with gig links.  Each site has its own dhcp server.  The controller is at the data center deep in the core.  All aps in the buildings get an ip from the local servers and can connect to the controller.  I'm trying to build a basic test guest wlan where devices get the local dhcp server vlan addresses.  However its not working, the ap gets an ip but the devices get 169s.  Meaning no connection to dhcp.  I'm new to this device and not sure where to begin.  Any advice is appreciated.  I have read the vrd but they all seem to point to local controllers well we only have one master controller.  Thanks in advance.

 

 

Guru Elite

Re: Dhcp Local to Building issue

Does each site have its own internet connection?


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II

Re: Dhcp Local to Building issue

No they all haul back on fiber to the hub office where the data center is located.

 

Guru Elite

Re: Dhcp Local to Building issue

In that case, case, guests should be tunneled back to the controller, then.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Aruba Employee

Re: Dhcp Local to Building issue

The campus VRD talks about master-local but the configuration is the same for SSID, VAPs and other profiles expect that in your case you terminate the APs on the master instead of on the locals. As you would have seen in the VRD the VLAN and IP configuration is local to the controller and is not propagated from master to local.

 

In your case, you want your users to get IP from local DHCP server but when a VAP is in tunnel mode all the traffic including the DHCP requests are terminated on the controller. One this you can do is

 

1. Have connectivity from the master to the all the local DHCP servers and then configure different VAPs with appropriate local VLANs that the users should use and seperate AP groups for each buiding. Now, the guest VAP in building A will have the VLAN with DHCP helper IP that points to local DHCP server in building A. The guest VAP in building B will have the VLAN with DHCP helper IP that points to local DHCP server in building B and so on. This setup will cause the DHCP traffic to take a longer path. For instance the DHCP discover packet will travel  from local building A ---> datacenter ---> local dhcp server in building A .

 

2. Another, thing you can do is deploy the guest WLAN in bridge mode and let the network routing take care of proper routing to the internet. However, with bridge mode you cannot use captive portal for guests. You can either use open SSID, 802.1X or PSK, which is not ideal for guest networks.

 

 

Hopefully, another Airheads Expert can provide a better solution.

 

Regards,

Sathya

 

Occasional Contributor II

Re: Dhcp Local to Building issue

I setup a simple wlan guest with open access.  Easiest I could think of but the clients aren't gettings ips.  I used wireshark on the building dhcp server.  I see no traffic from the clients asking for an address.  I enabled logging on the controller for network dhcp. 

 

Mar 7 14:36:29 :202534:  <DBUG> |dhcpdwrap| |dhcp| Datapath vlan4: DISCOVER 78:2 b:cb:27:dc:89 Options 3d:01782bcb27dc89 0c:57424f455649525453565231 3c:4d5346542 0352e30 37:010f03062c2e2f1f2179f92b

Mar 7 14:36:55 :202541:  <DBUG> |dhcpdwrap| |dhcp| Received DHCP packet from Dat path, sos msg hdr flags 0x42 opcode 0x5a ingress 0x1060 vlan 2 egress 0x2 src ma c 00:15:17:bf:e7:75 Mar 7 14:36:55 :202534:  <DBUG> |dhcpdwrap| |dhcp| Datapath vlan2: DISCOVER 00:1 5:17:bf:e7:75 Options 3d:01001517bfe775 0c:57424f455669727453565232 3c:4d5346542 0352e30 37:010f03062c2e2f1f2179f92b

 

Above is what the controller reports. I see vlan4 and vlan2 but the vlan I have setup should be from vlan200.  I see no mention of vlan200.  Any ideas.  I looked at the policy and in the firewall policy i see dhcp allowed. 

 

 

Guru Elite

Re: Dhcp Local to Building issue

In the virtual ap profile, you should have vlan 200 and the virtual ap should be tunneled.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II

Re: Dhcp Local to Building issue

Under the ap group configuration the virtual ap settings say vlan 200 and mode is tunneled.

 

Thanks for the help

Guru Elite

Re: Dhcp Local to Building issue

What port is clan 200 tied to? Type "show vlan status"


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II

Re: Dhcp Local to Building issue

gig 0/0.  Its the correct one.

 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: