DHCP relay issues - WLC4400 series

Unanswered Question
Mar 9th, 2010
User Badges:

Hi all,

I'm experiencing some strange problems with my WLC 4400 – and hope you guys can give me a hand.

There is an issue while connecting a WLAN Client to the WLC for the first time. I pinpointed the source of the problem to the dhcp, but I wondering why this happens…

As stated above – the issue occurs only during the first time registration of a WLAN client with the WLC. If I do another registration right after the failed connection attempt, the session is established and I can start working in my network environment.

Because we use 802.1x authentication, my first idea was that there is an issue – but the authentication process completes successfully.

Another debug for the dhcp process showed an issue during the initial registration process. I'll paste an extract of the NOT working connection attempt below (DHCP DISCOVER msg and DHCP OFFER msg passed successfully – I'll focus on the DHCP REQUEST msg):

###### Extract one ######

Tue Mar  9 09:51:31 2010: 00:21:6a:00:35:9c dhcpProxy: Received packet: Client 00:21:6a:00:35:9c

                        DHCP Op: BOOTREQUEST(1), IP len: 303, switchport: 29, encap: 0xec03

Tue Mar  9 09:51:31 2010: 00:21:6a:00:35:9c dhcp option len, including the magic cookie = 67

Tue Mar  9 09:51:31 2010: 00:21:6a:00:35:9c dhcp option: received DHCP REQUEST msg

Tue Mar  9 09:51:31 2010: 00:21:6a:00:35:9c dhcp option: skipping option 61, len 7

Tue Mar  9 09:51:31 2010: 00:21:6a:00:35:9c dhcp option: requested ip = 10.64.153.66

Tue Mar  9 09:51:31 2010: 00:21:6a:00:35:9c dhcp option: server id = 1.1.1.1

Tue Mar  9 09:51:31 2010: 00:21:6a:00:35:9c dhcp option: skipping option 12, len 12

Tue Mar  9 09:51:31 2010: 00:21:6a:00:35:9c dhcp option: vendor class id = MSFT 5.0 (len 8)

Tue Mar  9 09:51:31 2010: 00:21:6a:00:35:9c dhcp option: skipping option 55, len 12

Tue Mar  9 09:51:31 2010: 00:21:6a:00:35:9c dhcpParseOptions: options end, len 67, actual 67

Tue Mar  9 09:51:31 2010: 00:21:6a:00:35:9c dhcpProxy: dhcp request, client: 00:21:6a:00:35:9c:

                        dhcp op: 1, port: 29, encap 0xec03, old mscb port number: 29

Tue Mar  9 09:51:31 2010: 00:21:6a:00:35:9c Determing relay for 00:21:6a:00:35:9c

                                                                                                        dhcpServer: 10.49.143.8, dhcpNetmask: 0.0.0.0,

                        dhcpGateway: 0.0.0.0, dhcpRelay: 0.0.0.0  VLAN: 0

Tue Mar  9 09:51:31 2010: 00:21:6a:00:35:9c Relay settings for 00:21:6a:00:35:9c

                                                                                                        Local Address: 0.0.0.0, DHCP Server: 10.49.143.8,

                        Gateway Addr: 10.64.153.1, VLAN: 0, port: 29

Tue Mar  9 09:51:31 2010: 00:21:6a:00:35:9c dhcpProcessPacket return an error,chaddr: 00:21:6a:00:35:9c

The process stops working after the last line above. The client reports connection successfully, but no IP address was assigned to the client. A second connection attempt was successful (again – I'll focus on the dhcp REQUEST msg – ignoring DISCOVER, OFFER and ACK msg):

                        DHCP Op: BOOTREQUEST(1), IP len: 303, switchport: 29, encap: 0xec03

Tue Mar  9 09:53:02 2010: 00:21:6a:00:35:9c dhcp option len, including the magic cookie = 67

Tue Mar  9 09:53:02 2010: 00:21:6a:00:35:9c dhcp option: received DHCP REQUEST msg

Tue Mar  9 09:53:02 2010: 00:21:6a:00:35:9c dhcp option: skipping option 61, len 7

Tue Mar  9 09:53:02 2010: 00:21:6a:00:35:9c dhcp option: requested ip = 10.64.153.66

Tue Mar  9 09:53:02 2010: 00:21:6a:00:35:9c dhcp option: server id = 1.1.1.1

Tue Mar  9 09:53:02 2010: 00:21:6a:00:35:9c dhcp option: skipping option 12, len 12

Tue Mar  9 09:53:02 2010: 00:21:6a:00:35:9c dhcp option: vendor class id = MSFT 5.0 (len 8)

Tue Mar  9 09:53:02 2010: 00:21:6a:00:35:9c dhcp option: skipping option 55, len 12

Tue Mar  9 09:53:02 2010: 00:21:6a:00:35:9c dhcpParseOptions: options end, len 67, actual 67

Tue Mar  9 09:53:02 2010: 00:21:6a:00:35:9c dhcpProxy: dhcp request, client: 00:21:6a:00:35:9c:

                        dhcp op: 1, port: 29, encap 0xec03, old mscb port number: 29

Tue Mar  9 09:53:02 2010: 00:21:6a:00:35:9c Determing relay for 00:21:6a:00:35:9c

                                                                                                        dhcpServer: 10.49.143.8, dhcpNetmask: 0.0.0.0,

                        dhcpGateway: 0.0.0.0, dhcpRelay: 10.64.153.6  VLAN: 300

Tue Mar  9 09:53:02 2010: 00:21:6a:00:35:9c Relay settings for 00:21:6a:00:35:9c

                                                                                                        Local Address: 10.64.153.6, DHCP Server: 10.49.143.8,

The major difference seems to be in line 16:

Not Working:

                        dhcpGateway: 0.0.0.0, dhcpRelay: 0.0.0.0  VLAN: 0

Working:

                        dhcpGateway: 0.0.0.0, dhcpRelay: 10.64.153.6  VLAN: 300

For me it seems that the WLC is not able to forward this request to the appropriate dhcp server.

Does anyone of you have an idea, why this happens? And why does this happen only during the first time login of every client? Or am I misinterpreting the debug output?!

Thx a lot in advance!

Cheers

Martin

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Scott Fella Tue, 03/09/2010 - 20:40
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

Does this happen when you use 802.1x... have you tried open authentication just for testing.  Is this a new install or did you upgrade the code at all?  Have you done a debug on the do1x to see if authentication fails.  If this is a new install... and you tried the above and still have issues, post your show run-config so we can verify your configurations.

martin_erbloweit Wed, 03/10/2010 - 02:06
User Badges:

Hi,

thx for your comment so far.

I did some additional troubleshooting yesterday and I guess I fixed the problem. The management interface was configured with two dhcp server IPs (0.0.0.0 and 1.1.1.1).

Within the Cisco documentation it is stated that the dhcp relay proxy feature uses a virtual IP 1.1.1.1.

0.0.0.0    seems to be used for the internal communication.

When I changed the dhcp address (primary & secondary) to IP 1.1.1.1 the problem was solved. We tested it yesterday evening and this morning.

My assumption is that the virtual 1.1.1.1 IP is mandatory to match the dhcp responses to the proxy relaying feature. Or the WLC uses the DHCP addresses on the management interface to forward the traffic to the appropriate feature (where 1.1.1.1 triggers the proxy feature and 0.0.0.0 is used to forward the traffic to the internal dhcp service). But this is just a guesswork – I do not know the Cisco WLAN good enough to provide a valuable explanation.

Cheers

Martin

Scott Fella Wed, 03/10/2010 - 04:57
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

You are correct... if you do an ipconfig on your windows device you will see 1.1.1.1 or whatever your VIP address is there.  If you are using an external dhcp, you might want to set that in the interfaces.  If you use the WLC as a dhcp, then you would set the dhcp to the management interface.  Nothing should be set to 0.0.0.0.... even the service port needs an ip.

Actions

This Discussion

Related Content

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode