Wireless Access

 View Only
last person joined: 4 days ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Expand all | Collapse all

Enforce DHCP bug reported back in 8.2.1.0

This thread has been viewed 17 times
  • 1.  Enforce DHCP bug reported back in 8.2.1.0

    Posted Aug 23, 2024 07:43 AM

    Hi all

    In another thread I was having issues with clients roaming between APs that were in different clusters.  The fix was to disable "Enforce DHCP" on those WLANs.  We would prefer not to do that, but this appears to be our only choice at the moment.

    My question - while digging thru this, I found a bug report way back in 8.2.1.0 - Bug ID 176998, "Symptom:Theclienttrafficisdroppedwhentheenforce-dhcpparameterisenabled. Scenario:ThisissueoccurswhenclientsroamfromoneAP toanotherAPthatterminates onadifferentmanageddeviceandhasnocontextoftheclient.Theclientdoesnotinitiate DHCPdiscoveryafterauthentication,butsendstrafficwhichisdroppedbythemanaged device. Workaround: 1. Disableenforce-dhcpparameterintheAAAprofileusingeithertheWebUIortheCLI:"

    there was never any mention of this bug either still occurring or being resolved in any later versions.  Is this still considered a bug and this is just a workaround, or is it now a "feature" and no longer a bug, it's just the way it must be configured if you have multiple clusters with the possibility of users roaming between them?

    Thanks!

    Jeff



  • 2.  RE: Enforce DHCP bug reported back in 8.2.1.0

     
    Posted Aug 23, 2024 09:55 AM

    That bug ID is incorrect.  The correct bug is 181221 and it is properly described on the fixed on the page here:  https://www.arubanetworks.com/techdocs/ArubaOS/Consolidated_8.x_RN/Content/8.4/00/resolved_8400.htm



    ------------------------------
    Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card
    ------------------------------



  • 3.  RE: Enforce DHCP bug reported back in 8.2.1.0

    Posted Aug 23, 2024 10:11 AM

    Thanks Colin

    That link states that the bug was fixed in 8.4, but I am running 8.10 and still seeing it.  I know you answered me in my other post (and it worked - THANKS!), but we would rather not disable Enforce DHCP on all of our WLANs.  I was hoping this bug was still open and a fix would come down the line where we could roam between clusters AND enforce DHCP.  Thanks again




  • 4.  RE: Enforce DHCP bug reported back in 8.2.1.0

     
    Posted Aug 23, 2024 10:16 AM

     You have never been able to roam between Clusters with enforce DHCP enabled, because whether or not users have obtained an IP address through DHCP is not synchronized between Clusters (EDIT: It is part of the user entry in the user table which is not synchronized).  I am not aware of this ever being changed.



    ------------------------------
    Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card
    ------------------------------



  • 5.  RE: Enforce DHCP bug reported back in 8.2.1.0

    Posted Aug 23, 2024 11:45 AM

    Thanks again Colin.  that's the sort of answer I was looking for (the technical reason why).  I guess I was hoping that Aruba would change that to start syncing them between clusters (or at least give the option to).




  • 6.  RE: Enforce DHCP bug reported back in 8.2.1.0

    Posted Aug 26, 2024 03:38 AM

    Can't provide an authoritative answer, for that reach out to support or your local Aruba sales team.

    In order to enforce that (only) the DHCP assigned IP address is used, you would need to know the assigned IP address, and you can find that only by observing the DHCP handshake/allocation process. The client IP is then stored as 'live data' in the controller, and some of that data (high-value sessions, and IP assignment) can be shared in a cluster to allow failover/roaming between a cluster.

    If the client roams to another cluster, it's traffic is rejected until a DHCP is performed and that other cluster learns the client IP address.

    In the architecture, clusters are to support roaming between controllers, and roaming between different clusters is just not supported for that reason. All locations within a roaming domain should be in the same clusters.

    It may be good if you explain your use-case, or work with your Aruba partner to design this properly. And it may be that enforce DHCP is not supported in your specific situation if you really need different clusters within the same roaming domain.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------