Currently we are migrating from an autonomous environment. The APs currently take wireless clients and put
them straight into separate VLANs depending on which SSID they associate with. Each SSID is a different customer
so we are essentially acting like a service provider. We try not to get involved with layer 3 functions.
Each SSID IP range is controlled via a third party or a customer. Up until now we haven't had to specify a DHCP server address; the client just gets put onto a VLAN and it is up to the customer to assign their own IP details.
Now that we are migrating to LWAPP I have found the following -
- I need to specify an IP address for each Dynamic IP address for each WLAN
- I need to specify a DHCP server for each Dynamic IP address for each WLAN
Since I don't have control of the IPs I put in bogus Dynamic Interface details but the correct DHCP server address.
This seems to work.
My questions are as follows -
1/Is there a way I can just place clients into a VLAN using the LWAPP equipment so we do not have
to get involved with layer 3 configuration?
2/I noticed when I got a DHCP address on a test client laptop, the DHCP server was 126.96.36.199. The only thing in the network I am aware of is the Virtual IP address of the Controller which is used for mobility groups. Is this normal?
3/On the controller is the DHCP request forwarded from the Management or the Dynamic interface?
4/What is the IP address of the Dynamic interface actually used for? At first I thought the DHCP server would use it as a source but my configuration works with a bogus address.
Welcome to the world of LWAPP! It's a pretty confusing ride to get on, so hopefully I can answer some of your questions.
Before directly answering your questions, I want to give you a bit of insight as to how traffic flows in an LWAPP environment. All LWAPP traffic is placed in a tunnel back to the controller (this is why LWAPP APs no longer need trunk links to the switches). The traffic is de-encapsulated and forwarded to the switching environment from the appropriate interface (management or dynamic). The source address for the traffic is changed to match the controller interface because the traffic must return to the controller in order to get to the client. As such, IP addresses are required on the controller.
1. Think of the controller as a layer 3 switch that masks the identity of its clients. By sourcing all traffic from itself, it guarantees that all traffic returns back to it, at which point it forwards the traffic back to the client via the LWAPP tunnel. The bogus addresses you entered are actually in use on the network, so you might want to register those with the people in charge. If anyone uses that address, it will potentially drop your wireless network.
2. This is normal. The Virtual IP address is also used for DHCP service. Since the controller blocks all broadcasts, it must proxy DHCP for each client, hence the Virtual IP address as well as the need to specify the DHCP server address.
3. I'm not sure which interface it gets forwarded out. Maybe someone else can answer that.
4. See above for a description of what it's used for.
One last thing. What exactly are these bogus addresses to which you're referring? Are they real addresses that you just came up with? Do they match the VLAN that you placed them on? Did you give them proper default gateways?
Keep in mind that by configuring these, they are real addresses on your network that you should be able to ping. And again, if the address is duplicated on the network, it has the potential to take down your wireless network.
Let me know if this helps, and if you have any more questions!