I did some debug on both setup.
First setup (NOT WORKING).
Cisco switch uplink port in trunk mode, Vlan 1 untagged (native), Vlan 2-3 tagged.
IAP IP address 192.168.0.5 i guess in Vlan 1 (ad by default IAP settings).
SSID Office Vlan 2 DHCP pool 192.168.1.x (assigned by Cisco switch), not working.
SSID Sales Vlan 3 DHCP pool 192.168.1.x (assigned by Cisco switch), working.
DHCP debug info on a client (desktop) :
WIFIAD01# debug pkt mac 04:69:f8:dd:6f:1f
WIFIAD01# debug pkt match mac
WIFIAD01# debug pkt type dhcp
WIFIAD01# debug pkt dump
If source or destination MAC is 04:69:f8:dd:6f:1f
AND packet is of type DHCP
Press 'q' to quit.
Received packet from aruba101 (timestamp (116-8-11 22:31:15:184176) )
[asap_firewall_forward(5048):firewall entry] len 342, vlan 0, egress CP, ingress aruba101:
#mac: etype 0800 smac 04:69:f8:dd:6f:1f dmac ff:ff:ff:ff:ff:ff
#ip: sip 0.0.0.0, dip 255.255.255.255, proto 17, dscp 48, fragment ok, last fragment, fragment offset 0
#udp: sport 68 dport 67 len 308
#dhcp: message-type: request
hardware type: 1, len: 6, hops: 0
txn id: 0xabc2874b, seconds elapsed: 10
client mac: 04:69:f8:dd:6f:1f
magic cookie: 0x63825363
#dhcp-option: message-type: discover
[asap_firewall_forward(5218):vlan decision] len 342, vlan 2, egress CP, ingress aruba101:
[asap_firewall_check_dhcp_packet(2386):dhcp packet from client] len 342, vlan 2, egress CP, ingress aruba101:
[asap_firewall_forward(5583):looking up bridge entry] len 342, vlan 2, egress CP, ingress aruba101:
[asap_firewall_forward(5894):bridge section] len 342, vlan 2, egress CP, ingress aruba101:
[asap_firewall_forward(6023):session section] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_forward(6217):fastpath returned 1 opcode 4] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_forward(6249):slowpath section: opcode 4] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_forward(6485):back to fastpath, opcode 3] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_forward(6789):route section] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_forward(6839):cp route section] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_forward(7122):forward section] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_flood(8476):flooding] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_flood(8533):adding option 82] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_add_rem_dhcp_option82(8125):returning w/o adding option 82] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_add_vlan_to_dhcp(8313):adding vlan to dhcp] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_add_vlan_to_dhcp(8354):added vlan to dhcp] len 346, vlan 2, egress vlan 2, ingress aruba101:
#mac: etype 0800 smac 04:69:f8:dd:6f:1f dmac ff:ff:ff:ff:ff:ff
#ip: sip 0.0.0.0, dip 255.255.255.255, proto 17, dscp 48, fragment ok, last fragment, fragment offset 0
#udp: sport 68 dport 67 len 312
#dhcp: message-type: request
hardware type: 1, len: 6, hops: 0
txn id: 0xabc2874b, seconds elapsed: 10
client mac: 04:69:f8:dd:6f:1f
magic cookie: 0x63825363
#dhcp-option: message-type: discover
#dhcp-option: aruba-vlan: 2
[asap_firewall_flood(9208):stack section protocol=0x8ffb, type=1] len 346, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_send_up_stack(3316):going to stack protocol:0x8ffb type:1] len 332, vlan 2, egress vlan 2, ingress br0:
Received packet from aruba101 (timestamp (116-8-11 22:31:16:242876) )
[asap_firewall_forward(5048):firewall entry] len 342, vlan 0, egress CP, ingress aruba101:
#mac: etype 0800 smac 04:69:f8:dd:6f:1f dmac ff:ff:ff:ff:ff:ff
#ip: sip 0.0.0.0, dip 255.255.255.255, proto 17, dscp 48, fragment ok, last fragment, fragment offset 0
#udp: sport 68 dport 67 len 308
#dhcp: message-type: request
hardware type: 1, len: 6, hops: 0
txn id: 0xabc2874b, seconds elapsed: 11
client mac: 04:69:f8:dd:6f:1f
magic cookie: 0x63825363
#dhcp-option: message-type: discover
[asap_firewall_forward(5218):vlan decision] len 342, vlan 2, egress CP, ingress aruba101:
[asap_firewall_check_dhcp_packet(2386):dhcp packet from client] len 342, vlan 2, egress CP, ingress aruba101:
[asap_firewall_forward(5583):looking up bridge entry] len 342, vlan 2, egress CP, ingress aruba101:
[asap_firewall_forward(5894):bridge section] len 342, vlan 2, egress CP, ingress aruba101:
[asap_firewall_forward(6023):session section] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_forward(6217):fastpath returned 1 opcode 4] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_forward(6249):slowpath section: opcode 4] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_forward(6485):back to fastpath, opcode 3] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_forward(6789):route section] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_forward(6839):cp route section] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_forward(7122):forward section] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_flood(8476):flooding] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_flood(8533):adding option 82] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_add_rem_dhcp_option82(8125):returning w/o adding option 82] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_add_vlan_to_dhcp(8313):adding vlan to dhcp] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_add_vlan_to_dhcp(8354):added vlan to dhcp] len 346, vlan 2, egress vlan 2, ingress aruba101:
#mac: etype 0800 smac 04:69:f8:dd:6f:1f dmac ff:ff:ff:ff:ff:ff
#ip: sip 0.0.0.0, dip 255.255.255.255, proto 17, dscp 48, fragment ok, last fragment, fragment offset 0
#udp: sport 68 dport 67 len 312
#dhcp: message-type: request
hardware type: 1, len: 6, hops: 0
txn id: 0xabc2874b, seconds elapsed: 11
client mac: 04:69:f8:dd:6f:1f
magic cookie: 0x63825363
#dhcp-option: message-type: discover
#dhcp-option: aruba-vlan: 2
[asap_firewall_flood(9208):stack section protocol=0x8ffb, type=1] len 346, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_send_up_stack(3316):going to stack protocol:0x8ffb type:1] len 332, vlan 2, egress vlan 2, ingress br0:
Received packet from aruba101 (timestamp (116-8-11 22:31:18:795360) )
[asap_firewall_forward(5048):firewall entry] len 342, vlan 0, egress CP, ingress aruba101:
#mac: etype 0800 smac 04:69:f8:dd:6f:1f dmac ff:ff:ff:ff:ff:ff
#ip: sip 0.0.0.0, dip 255.255.255.255, proto 17, dscp 48, fragment ok, last fragment, fragment offset 0
#udp: sport 68 dport 67 len 308
#dhcp: message-type: request
hardware type: 1, len: 6, hops: 0
txn id: 0xabc2874b, seconds elapsed: 13
client mac: 04:69:f8:dd:6f:1f
magic cookie: 0x63825363
#dhcp-option: message-type: discover
[asap_firewall_forward(5218):vlan decision] len 342, vlan 2, egress CP, ingress aruba101:
[asap_firewall_check_dhcp_packet(2386):dhcp packet from client] len 342, vlan 2, egress CP, ingress aruba101:
[asap_firewall_forward(5583):looking up bridge entry] len 342, vlan 2, egress CP, ingress aruba101:
[asap_firewall_forward(5894):bridge section] len 342, vlan 2, egress CP, ingress aruba101:
[asap_firewall_forward(6023):session section] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_forward(6217):fastpath returned 1 opcode 4] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_forward(6249):slowpath section: opcode 4] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_forward(6485):back to fastpath, opcode 3] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_forward(6789):route section] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_forward(6839):cp route section] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_forward(7122):forward section] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_flood(8476):flooding] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_flood(8533):adding option 82] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_add_rem_dhcp_option82(8125):returning w/o adding option 82] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_add_vlan_to_dhcp(8313):adding vlan to dhcp] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_add_vlan_to_dhcp(8354):added vlan to dhcp] len 346, vlan 2, egress vlan 2, ingress aruba101:
#mac: etype 0800 smac 04:69:f8:dd:6f:1f dmac ff:ff:ff:ff:ff:ff
#ip: sip 0.0.0.0, dip 255.255.255.255, proto 17, dscp 48, fragment ok, last fragment, fragment offset 0
#udp: sport 68 dport 67 len 312
#dhcp: message-type: request
hardware type: 1, len: 6, hops: 0
txn id: 0xabc2874b, seconds elapsed: 13
client mac: 04:69:f8:dd:6f:1f
magic cookie: 0x63825363
#dhcp-option: message-type: discover
#dhcp-option: aruba-vlan: 2
[asap_firewall_flood(9208):stack section protocol=0x8ffb, type=1] len 346, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_send_up_stack(3316):going to stack protocol:0x8ffb type:1] len 332, vlan 2, egress vlan 2, ingress br0:
Received packet from aruba101 (timestamp (116-8-11 22:31:23:670524) )
[asap_firewall_forward(5048):firewall entry] len 342, vlan 0, egress CP, ingress aruba101:
#mac: etype 0800 smac 04:69:f8:dd:6f:1f dmac ff:ff:ff:ff:ff:ff
#ip: sip 0.0.0.0, dip 255.255.255.255, proto 17, dscp 48, fragment ok, last fragment, fragment offset 0
#udp: sport 68 dport 67 len 308
#dhcp: message-type: request
hardware type: 1, len: 6, hops: 0
txn id: 0xabc2874b, seconds elapsed: 18
client mac: 04:69:f8:dd:6f:1f
magic cookie: 0x63825363
#dhcp-option: message-type: discover
[asap_firewall_forward(5218):vlan decision] len 342, vlan 2, egress CP, ingress aruba101:
[asap_firewall_check_dhcp_packet(2386):dhcp packet from client] len 342, vlan 2, egress CP, ingress aruba101:
[asap_firewall_forward(5583):looking up bridge entry] len 342, vlan 2, egress CP, ingress aruba101:
[asap_firewall_forward(5894):bridge section] len 342, vlan 2, egress CP, ingress aruba101:
[asap_firewall_forward(6023):session section] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_forward(6217):fastpath returned 1 opcode 4] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_forward(6249):slowpath section: opcode 4] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_forward(6485):back to fastpath, opcode 3] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_forward(6789):route section] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_forward(6839):cp route section] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_forward(7122):forward section] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_flood(8476):flooding] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_flood(8533):adding option 82] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_add_rem_dhcp_option82(8125):returning w/o adding option 82] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_add_vlan_to_dhcp(8313):adding vlan to dhcp] len 342, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_add_vlan_to_dhcp(8354):added vlan to dhcp] len 346, vlan 2, egress vlan 2, ingress aruba101:
#mac: etype 0800 smac 04:69:f8:dd:6f:1f dmac ff:ff:ff:ff:ff:ff
#ip: sip 0.0.0.0, dip 255.255.255.255, proto 17, dscp 48, fragment ok, last fragment, fragment offset 0
#udp: sport 68 dport 67 len 312
#dhcp: message-type: request
hardware type: 1, len: 6, hops: 0
txn id: 0xabc2874b, seconds elapsed: 18
client mac: 04:69:f8:dd:6f:1f
magic cookie: 0x63825363
#dhcp-option: message-type: discover
#dhcp-option: aruba-vlan: 2
[asap_firewall_flood(9208):stack section protocol=0x8ffb, type=1] len 346, vlan 2, egress vlan 2, ingress aruba101:
[asap_firewall_send_up_stack(3316):going to stack protocol:0x8ffb type:1] len 332, vlan 2, egress vlan 2, ingress br0:
END OF DEBUG INFO
Second setup ( WORKING).
Cisco switch uplink port in trunk mode, Vlan 2 untagged (native), Vlan 3 tagged.
IAP IP address 192.168.1.5.
SSID Office Vlan 1 DHCP pool 192.168.1.x (assigned by Cisco switch), working.
SSID Sales Vlan 3 DHCP pool 192.168.1.x (assigned by Cisco switch), working.
DHCP debug info on a client (desktop) :
WIFIAD01# debug pkt mac 04:69:f8:dd:6f:1f
WIFIAD01# debug pkt match mac
WIFIAD01# debug pkt type dhcp
WIFIAD01# debug pkt dump
If source or destination MAC is 04:69:f8:dd:6f:1f
AND packet is of type DHCP
Press 'q' to quit.
Received packet from bond0 (timestamp (116-8-11 22:19:34:620470) )
[asap_firewall_forward(5048):firewall entry] len 286, vlan 0, egress CP, ingress bond0:
#mac: etype 0800 smac 24:01:c7:03:72:09 dmac 04:69:f8:dd:6f:1f
#ip: sip 192.168.1.1, dip 192.168.1.151, proto 17, dscp 56, fragment ok, last fragment, fragment offset 0
#udp: sport 67 dport 68 len 252
#dhcp: message-type: reply
hardware type: 0, len: 0, hops: 0
txn id: 0x00000000, seconds elapsed: 0
your ip: 192.168.1.151
magic cookie: 0x63825363
#dhcp-option: message-type: nack
[asap_firewall_forward(5218):vlan decision] len 286, vlan 1, egress CP, ingress bond0:
[asap_firewall_check_dhcp_packet(2426):dhcp packet to client] len 286, vlan 1, egress CP, ingress bond0:
[asap_firewall_forward(5583):looking up bridge entry] len 286, vlan 1, egress CP, ingress bond0:
[asap_firewall_forward(5894):bridge section] len 286, vlan 1, egress CP, ingress bond0:
[asap_firewall_forward(6023):session section] len 286, vlan 1, egress vlan 1, ingress bond0:
[asap_firewall_forward(6217):fastpath returned 1 opcode 4] len 286, vlan 1, egress vlan 1, ingress bond0:
[asap_firewall_forward(6249):slowpath section: opcode 4] len 286, vlan 1, egress vlan 1, ingress bond0:
[asap_firewall_forward(6485):back to fastpath, opcode 3] len 286, vlan 1, egress vlan 1, ingress bond0:
[asap_firewall_forward(6789):route section] len 286, vlan 1, egress vlan 1, ingress bond0:
[asap_firewall_forward(6839):cp route section] len 286, vlan 1, egress vlan 1, ingress bond0:
[asap_firewall_forward(7122):forward section] len 286, vlan 1, egress vlan 1, ingress bond0:
[asap_firewall_flood(8476):flooding] len 286, vlan 1, egress vlan 1, ingress bond0:
[asap_firewall_flood(8675):checking dev8 bond0] len 286, vlan 1, egress vlan 1, ingress bond0:
[asap_firewall_flood(8675):checking dev20 aruba101] len 286, vlan 1, egress vlan 1, ingress bond0:
[asap_firewall_flood(9190):flooding to aruba101] len 286, vlan 1, egress vlan 1, ingress bond0:
[asap_firewall_flood(9208):stack section protocol=0x800, type=3] len 286, vlan 1, egress vlan 1, ingress bond0:
WIFIAD01# debug pkt mac 04:69:f8:dd:6f:1f
WIFIAD01# debug pkt match mac
WIFIAD01# debug pkt type dhcp
WIFIAD01# debug pkt dump
If source or destination MAC is 04:69:f8:dd:6f:1f
AND packet is of type DHCP
Press 'q' to quit.
Received packet from aruba001 (timestamp (116-8-11 22:21:31:938246) )
[asap_firewall_forward(5048):firewall entry] len 342, vlan 0, egress CP, ingress aruba001:
#mac: etype 0800 smac 04:69:f8:dd:6f:1f dmac ff:ff:ff:ff:ff:ff
#ip: sip 0.0.0.0, dip 255.255.255.255, proto 17, dscp 48, fragment ok, last fragment, fragment offset 0
#udp: sport 68 dport 67 len 308
#dhcp: message-type: request
hardware type: 1, len: 6, hops: 0
txn id: 0xabc28749, seconds elapsed: 0
client mac: 04:69:f8:dd:6f:1f
magic cookie: 0x63825363
#dhcp-option: message-type: discover
[asap_firewall_forward(5218):vlan decision] len 342, vlan 1, egress CP, ingress aruba001:
[asap_firewall_check_dhcp_packet(2386):dhcp packet from client] len 342, vlan 1, egress CP, ingress aruba001:
[asap_firewall_forward(5583):looking up bridge entry] len 342, vlan 1, egress CP, ingress aruba001:
[asap_firewall_forward(5894):bridge section] len 342, vlan 1, egress CP, ingress aruba001:
[asap_firewall_forward(6023):session section] len 342, vlan 1, egress vlan 1, ingress aruba001:
[asap_firewall_forward(6217):fastpath returned 1 opcode 4] len 342, vlan 1, egress vlan 1, ingress aruba001:
[asap_firewall_forward(6249):slowpath section: opcode 4] len 342, vlan 1, egress vlan 1, ingress aruba001:
[asap_firewall_forward(6485):back to fastpath, opcode 3] len 342, vlan 1, egress vlan 1, ingress aruba001:
[asap_firewall_forward(6789):route section] len 342, vlan 1, egress vlan 1, ingress aruba001:
[asap_firewall_forward(6839):cp route section] len 342, vlan 1, egress vlan 1, ingress aruba001:
[asap_firewall_forward(7122):forward section] len 342, vlan 1, egress vlan 1, ingress aruba001:
[asap_firewall_flood(8476):flooding] len 342, vlan 1, egress vlan 1, ingress aruba001:
[asap_firewall_flood(8675):checking dev8 bond0] len 342, vlan 1, egress vlan 1, ingress aruba001:
[asap_firewall_flood(9190):flooding to bond0] len 342, vlan 1, egress vlan 1, ingress aruba001:
[asap_firewall_flood(8675):checking dev19 aruba001] len 342, vlan 1, egress vlan 1, ingress aruba001:
[asap_firewall_flood(8675):checking dev20 aruba101] len 342, vlan 1, egress vlan 1, ingress aruba001:
[asap_firewall_flood(9208):stack section protocol=0x800, type=1] len 342, vlan 1, egress vlan 1, ingress aruba001:
Received packet from bond0 (timestamp (116-8-11 22:21:31:941370) )
[asap_firewall_forward(5048):firewall entry] len 351, vlan 0, egress CP, ingress bond0:
#mac: etype 0800 smac 24:01:c7:03:72:09 dmac 04:69:f8:dd:6f:1f
#ip: sip 192.168.1.1, dip 192.168.1.151, proto 17, dscp 56, fragment ok, last fragment, fragment offset 0
#udp: sport 67 dport 68 len 317
#dhcp: message-type: reply
hardware type: 1, len: 6, hops: 0
txn id: 0xabc28749, seconds elapsed: 0
your ip: 192.168.1.151
client mac: 04:69:f8:dd:6f:1f
magic cookie: 0x63825363
#dhcp-option: netmask: 255.255.255.0
#dhcp-option: router: 192.168.1.1
#dhcp-option: dns-server: 192.168.1.22
#dhcp-option: dns-name: xxxxxxxx
#dhcp-option: message-type: offer
#dhcp-option: dhcp-server: 192.168.1.1
[asap_firewall_forward(5218):vlan decision] len 351, vlan 1, egress CP, ingress bond0:
[asap_firewall_check_dhcp_packet(2426):dhcp packet to client] len 351, vlan 1, egress CP, ingress bond0:
[asap_firewall_forward(5583):looking up bridge entry] len 351, vlan 1, egress CP, ingress bond0:
[asap_firewall_forward(5894):bridge section] len 351, vlan 1, egress CP, ingress bond0:
[asap_firewall_forward(6023):session section] len 351, vlan 1, egress aruba001, ingress bond0:
[asap_firewall_forward(6217):fastpath returned 1 opcode 4] len 351, vlan 1, egress aruba001, ingress bond0:
[asap_firewall_forward(6249):slowpath section: opcode 4] len 351, vlan 1, egress aruba001, ingress bond0:
[asap_firewall_forward(6485):back to fastpath, opcode 3] len 351, vlan 1, egress aruba001, ingress bond0:
[asap_firewall_forward(6789):route section] len 351, vlan 1, egress aruba001, ingress bond0:
[asap_firewall_forward(6839):cp route section] len 351, vlan 1, egress aruba001, ingress bond0:
[asap_firewall_forward(7122):forward section] len 351, vlan 1, egress aruba001, ingress bond0:
[asap_firewall_forward(7439):forwarding packet to aruba001] len 351, vlan 1, egress aruba001, ingress aruba001:
Received packet from aruba001 (timestamp (116-8-11 22:21:32:955272) )
[asap_firewall_forward(5048):firewall entry] len 342, vlan 0, egress CP, ingress aruba001:
#mac: etype 0800 smac 04:69:f8:dd:6f:1f dmac ff:ff:ff:ff:ff:ff
#ip: sip 0.0.0.0, dip 255.255.255.255, proto 17, dscp 48, fragment ok, last fragment, fragment offset 0
#udp: sport 68 dport 67 len 308
#dhcp: message-type: request
hardware type: 1, len: 6, hops: 0
txn id: 0xabc28749, seconds elapsed: 1
client mac: 04:69:f8:dd:6f:1f
magic cookie: 0x63825363
#dhcp-option: requested-ip: 192.168.1.151
#dhcp-option: message-type: request
#dhcp-option: dhcp-server: 192.168.1.1
[asap_firewall_forward(5218):vlan decision] len 342, vlan 1, egress CP, ingress aruba001:
[asap_firewall_check_dhcp_packet(2386):dhcp packet from client] len 342, vlan 1, egress CP, ingress aruba001:
[asap_firewall_forward(5583):looking up bridge entry] len 342, vlan 1, egress CP, ingress aruba001:
[asap_firewall_forward(5894):bridge section] len 342, vlan 1, egress CP, ingress aruba001:
[asap_firewall_forward(6023):session section] len 342, vlan 1, egress vlan 1, ingress aruba001:
[asap_firewall_forward(6217):fastpath returned 1 opcode 4] len 342, vlan 1, egress vlan 1, ingress aruba001:
[asap_firewall_forward(6249):slowpath section: opcode 4] len 342, vlan 1, egress vlan 1, ingress aruba001:
[asap_firewall_forward(6485):back to fastpath, opcode 3] len 342, vlan 1, egress vlan 1, ingress aruba001:
[asap_firewall_forward(6789):route section] len 342, vlan 1, egress vlan 1, ingress aruba001:
[asap_firewall_forward(6839):cp route section] len 342, vlan 1, egress vlan 1, ingress aruba001:
[asap_firewall_forward(7122):forward section] len 342, vlan 1, egress vlan 1, ingress aruba001:
[asap_firewall_flood(8476):flooding] len 342, vlan 1, egress vlan 1, ingress aruba001:
[asap_firewall_flood(8675):checking dev8 bond0] len 342, vlan 1, egress vlan 1, ingress aruba001:
[asap_firewall_flood(9190):flooding to bond0] len 342, vlan 1, egress vlan 1, ingress aruba001:
[asap_firewall_flood(8675):checking dev19 aruba001] len 342, vlan 1, egress vlan 1, ingress aruba001:
[asap_firewall_flood(8675):checking dev20 aruba101] len 342, vlan 1, egress vlan 1, ingress aruba001:
[asap_firewall_flood(9208):stack section protocol=0x800, type=1] len 342, vlan 1, egress vlan 1, ingress aruba001:
Received packet from bond0 (timestamp (116-8-11 22:21:32:957771) )
[asap_firewall_forward(5048):firewall entry] len 351, vlan 0, egress CP, ingress bond0:
#mac: etype 0800 smac 24:01:c7:03:72:09 dmac 04:69:f8:dd:6f:1f
#ip: sip 192.168.1.1, dip 192.168.1.151, proto 17, dscp 56, fragment ok, last fragment, fragment offset 0
#udp: sport 67 dport 68 len 317
#dhcp: message-type: reply
hardware type: 1, len: 6, hops: 0
txn id: 0xabc28749, seconds elapsed: 0
your ip: 192.168.1.151
client mac: 04:69:f8:dd:6f:1f
magic cookie: 0x63825363
#dhcp-option: netmask: 255.255.255.0
#dhcp-option: router: 192.168.1.1
#dhcp-option: dns-server: 192.168.1.22
#dhcp-option: dns-name: xxxxxxx
#dhcp-option: message-type: ack
#dhcp-option: dhcp-server: 192.168.1.1
[asap_firewall_forward(5218):vlan decision] len 351, vlan 1, egress CP, ingress bond0:
[asap_firewall_check_dhcp_packet(2426):dhcp packet to client] len 351, vlan 1, egress CP, ingress bond0:
[asap_firewall_check_dhcp_packet(2467):Send dhcp user(192.168.1.151) to STM and create the L3 user] len 351, vlan 1, egress CP, ingress bond0:
[asap_firewall_check_dhcp_packet(2484):Created L3 user] len 351, vlan 1, egress CP, ingress bond0:
[asap_firewall_forward(5583):looking up bridge entry] len 351, vlan 1, egress CP, ingress bond0:
[asap_firewall_forward(5894):bridge section] len 351, vlan 1, egress CP, ingress bond0:
[asap_firewall_forward(6023):session section] len 351, vlan 1, egress aruba001, ingress bond0:
[asap_firewall_forward(6217):fastpath returned 1 opcode 4] len 351, vlan 1, egress aruba001, ingress bond0:
[asap_firewall_forward(6249):slowpath section: opcode 4] len 351, vlan 1, egress aruba001, ingress bond0:
[asap_firewall_forward(6485):back to fastpath, opcode 3] len 351, vlan 1, egress aruba001, ingress bond0:
[asap_firewall_forward(6789):route section] len 351, vlan 1, egress aruba001, ingress bond0:
[asap_firewall_forward(6839):cp route section] len 351, vlan 1, egress aruba001, ingress bond0:
[asap_firewall_forward(7122):forward section] len 351, vlan 1, egress aruba001, ingress bond0:
[asap_firewall_forward(7439):forwarding packet to aruba001] len 351, vlan 1, egress aruba001, ingress aruba001:
END OF DEBUG INFO
I noticed that in the first case (not working) the received packets are on "aruba101" interface and in the second one (working) the received packets are on "bond0" interface.
Any idea ?