Lightweight AP – DHCP Configuration

Posted on May 24, 2011. Filed under: Uncategorized | Tags: , , , , |

Just some findings on lightweight access points, and configuration of DHCP pools.  DHCP is used to tell the LAPs what the wireless controller(s) ap-mgmt address is on boot up.

Option 60 is specified in  a DHCP discover packet by lightweight APs requesting an IP address, it’s used to tell the server what type of device it is, for example a client may set option 60 to ‘Cisco AP c1140’.

The DHCP server can be configured to provide additional options in a DHCP offer packet, only to those client’s that need it.  In this case, if option 60 is ‘Cisco AP c1140’, the server will return option 43, which has the address of the wlc ap-mgmt interface IP addresses in hex format.

!
ip dhcp pool ap_manager
   network 128.58.172.128 255.255.255.224
   default-router 128.58.172.129
   dns-server 192.23.23.192 192.23.23.193
# Identifies type of device
 option 60 ascii "Cisco AP c1140"
# Specifies IP of WLC controllers 192.168.10.5|192.168.10.20
 option 43 hex f108c0a80a05c0a80a14
   domain-name eur.slb.net
   lease 8
!

The hex value is made up as follows:

f1 = 0xf1 (type)
08= 0x8 (total number of octets in both IP addresses 2×4)
c0a80a05=192168105 (first IP)
c0a80a14=1921681020 (second IP)

It should be noted that there is a bug on 3750 switches running 12.2(46)SE which prevents option 60 from being specified. “% Invalid input detected at ‘^’ marker.”  is returned because there is a space in the text ‘Cisco AP c1140’.  To resolve this change to a different version of code.

Read Full Post | Make a Comment ( None so far )

Making IP Helper (UDP forwarding) HSRP Aware

Posted on May 23, 2011. Filed under: Uncategorized | Tags: , , , , |

This scenario involves multiple gateway routers using first-hop redundancy protocols like HSRP.  The  routers are using IP helper commands to forward DHCP requests to a central server, however the server is receiving many DHCP requests from the same client, as shown below:

dhcpserver#sh log | i through relay
*Mar  1 00:20:41.291: DHCPD: DHCPDISCOVER received from client 0063.6973.636f.2d63 through relay 192.168.1.2
*Mar  1 00:20:43.819: DHCPD: DHCPDISCOVER received from client 0063.6973.636f.2d63 through relay 192.168.1.3

It must be understood that DHCP discover packets are broadcast, and thus received and forwarded by all routers configured with IP helper addresses.  To prevent all routers from forwarding the request, the solution is to only allow the active HSRP router to do this.

Below is overall topology:

Configuration for R1:

interface FastEthernet0/0
ip address 192.168.1.2 255.255.255.0
ip helper-address 10.1.1.1 redundancy HSRP-Data
duplex auto
speed auto
standby 10 ip 192.168.1.1
standby 10 preempt
standby 10 name HRSP-Data

Configuration for R2:

interface FastEthernet0/0
ip address 192.168.1.3 255.255.255.0
ip helper-address 10.1.1.1 redundancy HSRP-Data
duplex auto
speed auto
stand 10 ip 192.168.1.1
standby 10 priority 90
standby 10 preempt
standby 10 name HSRP-Data

By linking the IP helper command to HSRP ‘ip helper-address 10.1.1.1 redundancy HSRP-Data’ it is now able to track the HSRP state.  The IP helper redundancy name must match the HSRP name, in this case ‘HSRP-Data’.   Now when the DHCP client requests an IP configuration, it can be observed that only the active HSRP router replies:

dhcpserver#sh log | i through relay
*Mar  1 00:20:41.291: DHCPD: DHCPDISCOVER received from client 0063.6973.636f.2d63 through relay 192.168.1.2
Read Full Post | Make a Comment ( None so far )

Disabling DHCP client default route

Posted on May 7, 2011. Filed under: Uncategorized | Tags: , , |

If you do not wish for your router to install the default route it receives when DHCP client is enabled on an interface,  use the command below to raise the AD so it’s not entered into RIB.  This is useful if you are using dynamic routing on a WAN interface, and want to use object tracking to detect lack of default routing.

!
interface FastEthernet0/0
description WAN LINK
bandwidth 1000000
ip dhcp client default-router distance 255 
ip address dhcp
Read Full Post | Make a Comment ( None so far )

Liked it here?
Why not try sites on the blogroll...