Wireless Access

last person joined: 12 hours ago 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

DHCP renew issue AP-303H

Jump to Best Answer
  • 1.  DHCP renew issue AP-303H

    Posted Aug 01, 2019 07:33 AM
      |   view attached

    Hello,

     

    We're experiencing DHCP renew issues with a new batch AP-303H AP's. The AP's are configurerd as Remote AP's to connect with the controller in the main office (Aruba 7005).  Upon boot the AP-303H has no problems retrieving IP address from local DHCP server (Palo Alto), but the issue occurs upon renewal, the AP is unable to renew the IP address. After the lease is expired, the AP will restart with the following message: 

     

    AP rebooted Thu Aug 1 12:49:50 PDT 2019; Unable to get IP address using DHCP after 10 tries, total DHCP retry:10

     

    Currently i've set up a test LAB that has a DHCP server which has 5 minutes lease time.  I've tried an old AP-303H (Sticker: DOM 20170522) which does not have the problem, and is able to renew without problems. Next i've tried a new one (Sticker: DOM 20181224) which does have the problem, and reboots after the lease has expired (every 5 min). I've tried multiple DHCP vendors without succes. The only difference i can find between the 2 AP's is the APboot version:

     

    Old AP-303H (without problems):

    APBoot 2.1.4.7 (build 57679)
    Built: 2016-12-08 at 15:41:41

     

    New AP-303H:

    APBoot 2.4.0.8 (build 64221)
    Built: 2018-03-28 at 20:30:14

     

    Both AP's have the same OS version:

    ArubaOS Version 6.5.4.12 (build 68901 / label #68901)

     

    I've a attached a log file from the AP with the problems.

     


    #AP303H

    Attachment(s)

    txt
    AP-303H DHCP problems.txt   36 KB 1 version


  • 2.  RE: DHCP renew issue AP-303H

    Posted Aug 03, 2019 09:32 PM

    Is it possible to get a packet capture from the port the AP is connected to? Might be useful to see if the AP is sending out a DHCPREQUEST shortly before the lease expires or if it is sending something else out or nothing at all. Or it is sending out requests and the PA is declining it or not responding.

     

    Are there any logs on the PA side or on the other DHCP servers?



  • 3.  RE: DHCP renew issue AP-303H

    Posted Aug 09, 2019 07:30 AM

    Thank you for your reply,

     

    I can confirm that the AP is sending (lots) of DHCPREQUESTS and the DHCP server is sending DHCPACKS.

    I wil upload logs from DHCP server and packet capture next monday.

     

    Regards, Diede



  • 4.  RE: DHCP renew issue AP-303H

    Posted Aug 12, 2019 07:17 AM
      |   view attached

    Hello,

     

    I've attached the log from DHCP server and the wireshark capture.

    I've used a port mirror on the switch for the capture, so you can see the DHCPACKs / DHCPOFFERs. The AP reboots at 11:04:50 with the message: AP rebooted Mon Aug 12 11:04:50 PDT 2019; Unable to get IP address using DHCP after 10 tries, total DHCP retry:10

     

    Regards,

     

    Diede

    Attachment(s)

    txt
    dhcpd.txt   15 KB 1 version


  • 5.  RE: DHCP renew issue AP-303H
    Best Answer

    Posted Aug 12, 2019 08:21 AM

    Question:

     

    What are the rules for your ap-uplink-acl acl?

     



  • 6.  RE: DHCP renew issue AP-303H

    Posted Aug 12, 2019 10:05 AM

    Hello 

     

    Thanks for your reply. I don't know why, but the ap-uplink-acl was empty. I've added a permit rule for dhcp traffic and the AP is able to renew its IP:

     

    Flags: P - permit, L - log, E - established, M/e - MAC/etype filter
    S - SNAT, D - DNAT, R - redirect, r - reverse redirect m - Mirror
    I - Invert SA, i - Invert DA, H - high prio, O - set prio
    A - DPI PEF, T - set TOS, 4 - IPv4, 6 - IPv6
    C - Classify Media, a - Disable Scanning J - Route Nexthop
    Index Source Destination Service/Application Flags Pool AP-group Hits Prio Vernum Contract OfAction
    ----- ------------------------------- ------------------------------- --------------------------------------------- ---------- ----- ---------- ---------- ----- ------ -----------
    1: any any 17 0-65535 67-68 P4 1 0 a1 0/0
    2: any any any 46 0 a2 0/0

     

    I still don't know why all the old AP-303Hs are working fine and the new batch encountered this problem.

     

    Thank you,

     

    Diede



  • 7.  RE: DHCP renew issue AP-303H

    Posted Aug 12, 2019 11:08 AM

    It is possible that whenever you applied the PEF license, those rules were not autocreated.