Wireless Access

Reply
Frequent Contributor I

enforce-dhcp not working - 6.4.3.7

I've recently started setting up a small WLAN for fixed-ip (static) devices.  I've duplicated my AAA profile and added the "enforce-dhcp" option to it and use it only for my static WLAN.

 

So using a fixed-ip that comes from the DHCP server works ok:

 

# show user-table  ip 1.1.1.2 detail | include DHCP
Address is from DHCP: yes
  DHCP role: n/a, Default role: cp-logon, Cached role: n/a

 

But when I set the same system (MBair) with a static IP address, it still continues to work, incorrectly stating that the Address is from DHCP.  I've verified that the DHCP server did not hand out this address.

 

# show user-table  ip 1.1.1.3 detail | include DHCP
Address is from DHCP: yes
  DHCP role: n/a, Default role: cp-logon, Cached role: n/a

 

The DHCP address shows up in the route-cache, but the static IP does not.  Interestingly though, even after setting the static and clearing the route-cache, it still remains.

 

# show datapath route-cache table | include f4:f8:f5:fE:fF:fC
1.1.1.2      f4:f8:f5:fE:fF:fC         2016  H

#clear datapath route-cache 1.1.1.2                                    
#clear datapath route-cache 1.1.1.2
# show datapath route-cache table | include f4:f8:f5:fE:fF:fC
1.1.1.2      f4:f8:f5:fE:fF:fC         2016  H

 

 

I've never used enforce-dhcp in the past to be able to say if the new ArubaOS version isn't working or my concept isn't working.

 

thanks

mike

 

Mike Davis
Network Engineer
University of Delaware
Guru Elite

Re: enforce-dhcp not working - 6.4.3.7

Please open a TAC case, so that they can investigate whether this is a bug or not.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II

Re: enforce-dhcp not working - 6.4.3.7

Any news on this? We have the issue at a customer as well. Using Macbook with the option DHCP with manual address...

Frequent Contributor I

Re: enforce-dhcp not working - 6.4.3.7

We were funnelled into upgrading to 6.5 for new hardware so the fix was incorporated there and into later 6.4 versions.. I don't have the bug id handy.

Mike Davis
Network Engineer
University of Delaware
Occasional Contributor II

Re: enforce-dhcp not working - 6.4.3.7

We are using 6.5.1. but it is still possible to change the IP on a Macbook.

Occasional Contributor II

Re: enforce-dhcp not working - 6.4.3.7

I can see the fix in 6.4.4.10. I will double check the software version.

Frequent Contributor I

Re: enforce-dhcp not working - 6.4.3.7

I looked back through my email and found the case.  It was assigned Bug ID: 140731.  (I honestly haven't checked on it in 6.5 as I've been chasing much more important bugs :(  )

 

Bug ID

Description

Component

Platform

Reported Version

Resolved in Version

140731

Symptom: DHCP enforcement in the AAA profile failed in a controller for some clients connecting with static IP addresses. The fix ensures that the traffic from all clients with static IP address is blocked when DHCP enforcement is enabled in the AAA profile. Scenario: This issue occurred when MAC-OS clients with static IP address connected to a controller on which the DHCP enforcement was enabled in the AAA profile. This issue was observed in controllers running ArubaOS 6.4.3.x.

Controller- Datapath

All platforms

ArubaOS 6.4.3.7

ArubaOS 6.4.4.10

      
      
      
      
Mike Davis
Network Engineer
University of Delaware
Occasional Contributor II

Re: enforce-dhcp not working - 6.4.3.7

Hi Mike,

 

is it possible to track if the fix is included in the 6.5 version?

 

Thanks a lot.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: