Thanks Colin, but could you please clarify? Are you saying that enforce-dhcp feature on controller-B will, or will not, check for DORA when a device with an active session (and DHCP lease) on controller-A roams to controller-B? Is the device subject to enforc-dhcp rules every time it roams across a controller, or does controller-B somehow know to not check for DORA packets?
We have enforce-dhcp enabled and use external DHCP servers. We do L2 mobility. We have several controllers and a large ever-mobile campus. I'm seeing a fair amount of "drop pkt as ip not assigned through dhcp" in our logs. I believe this is due to idle timeout and DHCP lease values being out of sync but it occurred to me that this could also be due to devices with active sessions/leases roaming across controllers. I don't see any mechanism that would inform controller-B that a device roaming onto it was already subject to enforce-dhcp on controller-A. And devices surely wouldn't know to ask for a lease every time they cross a conroller boundary.
I'm wondering if, after I adjust idle timeout and lease times, I'll still see devices being denied entry into the user table simply because they roamed to another controller.
(running 6.4.4.15 on multiple 7220s)
Mike