[c-nsp] WLC with DHCP relay not working on in VRF

Nasir Shaikh nasir at nasirshaikh.com
Fri Dec 7 05:37:33 EST 2012 

Hi Juergen,

The dhcp vrf connected issue would have affected all users. But in my case,
users connecting via an autonomous access-point had no issue, connecting a
laptop directly to the router was also ok. Only when connecting via an AP
controlled by a WLC, the clients failed to get an IP address. The WLC was
configured correctly (was working before I put the guest LAN in a separate
vrf) and points to my router as the DHCP server.

I had tested in my lab before implementation but do not possess a WLC in the
lab environment.

Will test with a production site later today and post results.

Regards

Nasir

-----Original Message-----
From: Juergen Marenda [mailto:j at marenda.net] On Behalf Of cnsp at marenda.net
Sent: donderdag 6 december 2012 18:25
To: 'Nasir Shaikh'; cisco-nsp at puck.nether.net
Subject: AW: [c-nsp] WLC with DHCP relay not working on in VRF

Hi,

Maybe a    
"(no) ip dhcp vrf connected" problem ?
see https://supportforums.cisco.com/message/631964#631964

vrf in debug output is VRF_Guest and does not find an address-pool
so you should define one...; 
but your config-example's vrf is named Guests 


> -----Ursprüngliche Nachricht-----
> Von: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-
> bounces at puck.nether.net] Im Auftrag von Nasir Shaikh
> Gesendet: jeudi 6 décembre 2012 16:42
> An: cisco-nsp at puck.nether.net
> Betreff: [c-nsp] WLC with DHCP relay not working on in VRF
> 
> Hi,
> 
> I encountered a problem whereby I have a  Guest-LAN placed in the VRF
> and a guest tries to connect via a WLC which is configured as a dhcp-
> relay. The guest does not get any IP address assigned by DHCP.
> 
> Apparently the DHCP server functionality does not work properly in the
> VRF when a DHCP-relay is used, see below debug.
> 
> First I thought it might be a bug in 12.4(20)T3 on the 2851 and 3845 on
> which I encountered the issue but had the same result on a 3945E
> running
> 15.1 so it seems on all IOS's
> 
> Problem does not occur when using autonomous APs.
> 
> WITH THE VRF we see the following debug info:
> 
> Dec  6 13:42:16.829 CET: DHCPD: Sending notification of DISCOVER:
> Dec  6 13:42:16.829 CET:   DHCPD: htype 1 chaddr f87b.7a04.db2d
> Dec  6 13:42:16.829 CET:   DHCPD: remote id 020a0000c0a80a02000300c0
> Dec  6 13:42:16.829 CET:   DHCPD: circuit id 00000000
> Dec  6 13:42:16.829 CET:   DHCPD: table id 1 = vrf VRF_Guest
> Dec  6 13:42:16.829 CET: DHCPD: DHCPDISCOVER received from client
> f87b.7a04.db2d through relay 192.168.9.193.
> Dec  6 13:42:16.829 CET: DHCPD: Seeing if there is an internally
> specified pool class:
> Dec  6 13:42:16.829 CET:   DHCPD: htype 1 chaddr f87b.7a04.db2d
> Dec  6 13:42:16.829 CET:   DHCPD: remote id 020a0000c0a80a02000300c0 
> Dec  6 13:42:16.829 CET:   DHCPD: circuit id 00000000 
> Dec  6 13:42:16.829 CET:   DHCPD: table id 1 = vrf VRF_Guest 
> Dec  6 13:42:16.829 CET: DHCPD: there is no address pool for
> 192.168.9.193.
> 
> 
> 
> WITHOUT THE VRF we see the following debug info:
> 
> Dec  6 14:46:05.413 CET: DHCPD: Sending notification of DISCOVER:
> Dec  6 14:46:05.417 CET:   DHCPD: htype 1 chaddr f87b.7a04.db2d
> Dec  6 14:46:05.417 CET:   DHCPD: remote id 020a0000c0a80a02000300c0
> Dec  6 14:46:05.417 CET:   DHCPD: circuit id 00000000
> Dec  6 14:46:05.417 CET: DHCPD: DHCPDISCOVER received from client
> f87b.7a04.db2d through relay 192.168.9.193.
> Dec  6 14:46:05.417 CET: DHCPD: Seeing if there is an internally
> specified pool class:
> Dec  6 14:46:05.417 CET:   DHCPD: htype 1 chaddr f87b.7a04.db2d
> Dec  6 14:46:05.417 CET:   DHCPD: remote id 020a0000c0a80a02000300c0
> Dec  6 14:46:05.417 CET:   DHCPD: circuit id 00000000
> Dec  6 14:46:05.417 CET: DHCPD: Allocate an address without class
> information (192.168.8.0)
> Dec  6 14:46:07.417 CET: DHCPD: Adding binding to radix tree
> (192.168.8.3)
> Dec  6 14:46:07.417 CET: DHCPD: Adding binding to hash tree
> Dec  6 14:46:07.417 CET: DHCPD: assigned IP address 192.168.8.3 to
> client f87b.7a04.db2d.
> Dec  6 14:46:07.417 CET: DHCPD: Sending DHCPOFFER to client
> f87b.7a04.db2d (192.168.8.3). 
> 
> Config is straightforward.
> 
> ip dhcp pool Guests
> vrf Guests
> import all
> network 192.168.8.0 255.255.252.0
> default-router 192.168.10.1
>  dns-server 8.8.8.8 8.8.4.4
>  lease 0 4
> !
> 
> interface Vlan192
> description Guest access Internet (ISP Speed = 120M)
> ip forwarding vrf Guests
> ip address 192.168.10.2 255.255.252.0
> ip access-group 192 in
> 
> Any ideas?
> 
> Regards
> Nasir

More information about the cisco-nsp mailing list