Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Dhcp Local to Building issue

This thread has been viewed 0 times

  • 1.  Dhcp Local to Building issue

    Posted Mar 06, 2012 07:34 PM

    I have 18 buildings connected to our data center with gig links.  Each site has its own dhcp server.  The controller is at the data center deep in the core.  All aps in the buildings get an ip from the local servers and can connect to the controller.  I'm trying to build a basic test guest wlan where devices get the local dhcp server vlan addresses.  However its not working, the ap gets an ip but the devices get 169s.  Meaning no connection to dhcp.  I'm new to this device and not sure where to begin.  Any advice is appreciated.  I have read the vrd but they all seem to point to local controllers well we only have one master controller.  Thanks in advance.

     

     



  • 2.  RE: Dhcp Local to Building issue

    EMPLOYEE
    Posted Mar 06, 2012 09:44 PM
    Does each site have its own internet connection?


  • 3.  RE: Dhcp Local to Building issue

    Posted Mar 06, 2012 09:56 PM

    No they all haul back on fiber to the hub office where the data center is located.

     



  • 4.  RE: Dhcp Local to Building issue

    EMPLOYEE
    Posted Mar 06, 2012 11:30 PM
    In that case, case, guests should be tunneled back to the controller, then.


  • 5.  RE: Dhcp Local to Building issue

    Posted Mar 07, 2012 01:47 AM

    The campus VRD talks about master-local but the configuration is the same for SSID, VAPs and other profiles expect that in your case you terminate the APs on the master instead of on the locals. As you would have seen in the VRD the VLAN and IP configuration is local to the controller and is not propagated from master to local.

     

    In your case, you want your users to get IP from local DHCP server but when a VAP is in tunnel mode all the traffic including the DHCP requests are terminated on the controller. One this you can do is

     

    1. Have connectivity from the master to the all the local DHCP servers and then configure different VAPs with appropriate local VLANs that the users should use and seperate AP groups for each buiding. Now, the guest VAP in building A will have the VLAN with DHCP helper IP that points to local DHCP server in building A. The guest VAP in building B will have the VLAN with DHCP helper IP that points to local DHCP server in building B and so on. This setup will cause the DHCP traffic to take a longer path. For instance the DHCP discover packet will travel  from local building A ---> datacenter ---> local dhcp server in building A .

     

    2. Another, thing you can do is deploy the guest WLAN in bridge mode and let the network routing take care of proper routing to the internet. However, with bridge mode you cannot use captive portal for guests. You can either use open SSID, 802.1X or PSK, which is not ideal for guest networks.

     

     

    Hopefully, another Airheads Expert can provide a better solution.

     

    Regards,

    Sathya

     



  • 6.  RE: Dhcp Local to Building issue

    Posted Mar 07, 2012 09:26 PM

    I setup a simple wlan guest with open access.  Easiest I could think of but the clients aren't gettings ips.  I used wireshark on the building dhcp server.  I see no traffic from the clients asking for an address.  I enabled logging on the controller for network dhcp. 

     

    Mar 7 14:36:29 :202534:  <DBUG> |dhcpdwrap| |dhcp| Datapath vlan4: DISCOVER 78:2 b:cb:27:dc:89 Options 3d:01782bcb27dc89 0c:57424f455649525453565231 3c:4d5346542 0352e30 37:010f03062c2e2f1f2179f92b

    Mar 7 14:36:55 :202541:  <DBUG> |dhcpdwrap| |dhcp| Received DHCP packet from Dat path, sos msg hdr flags 0x42 opcode 0x5a ingress 0x1060 vlan 2 egress 0x2 src ma c 00:15:17:bf:e7:75 Mar 7 14:36:55 :202534:  <DBUG> |dhcpdwrap| |dhcp| Datapath vlan2: DISCOVER 00:1 5:17:bf:e7:75 Options 3d:01001517bfe775 0c:57424f455669727453565232 3c:4d5346542 0352e30 37:010f03062c2e2f1f2179f92b

     

    Above is what the controller reports. I see vlan4 and vlan2 but the vlan I have setup should be from vlan200.  I see no mention of vlan200.  Any ideas.  I looked at the policy and in the firewall policy i see dhcp allowed. 

     

     



  • 7.  RE: Dhcp Local to Building issue

    EMPLOYEE
    Posted Mar 07, 2012 09:28 PM
    In the virtual ap profile, you should have vlan 200 and the virtual ap should be tunneled.


  • 8.  RE: Dhcp Local to Building issue

    Posted Mar 07, 2012 10:24 PM

    Under the ap group configuration the virtual ap settings say vlan 200 and mode is tunneled.

     

    Thanks for the help



  • 9.  RE: Dhcp Local to Building issue

    EMPLOYEE
    Posted Mar 07, 2012 10:26 PM
    What port is clan 200 tied to? Type "show vlan status"


  • 10.  RE: Dhcp Local to Building issue

    Posted Mar 07, 2012 10:37 PM

    gig 0/0.  Its the correct one.

     



  • 11.  RE: Dhcp Local to Building issue

    EMPLOYEE
    Posted Mar 07, 2012 10:38 PM
    What is gig 0/0 plugged into? Is it an access port or a trunk? "Show trunk"


  • 12.  RE: Dhcp Local to Building issue

    Posted Mar 08, 2012 08:31 AM

    Connected to a gig port on cisco 3550g its a trunk port



  • 13.  RE: Dhcp Local to Building issue

    EMPLOYEE
    Posted Mar 08, 2012 09:00 AM
    Does that vlan have an ip address on the Cisco side and the Aruba side? See if you can ping from one to the other.


  • 14.  RE: Dhcp Local to Building issue

    Posted Mar 08, 2012 11:06 AM

    Yes I can ping all the way thru.  I ve got ap connections to the controller.  Can manage them but just missing the dhcp portion.