Cisco Support Community
New Member

Using one controller as primary DHCP server for 2 or more controllers

Here's my setup

2 - 5508 controllers (40 APs per controller) running (100 user license per controller)

about 80 mixed - 1142 and 1252 APs, trying to put 40 APs on each controller

One subnet connects two controllers together on the management interface on port 1 on both controllers. 10.x.x.x addresses.

Port 2 on each controller (LAG not used) connects to a DMZ via dynamic interfaces for user traffic, 172.x.x.x addresses.

I want to use one controller for all clients to get their DHCP addresses from (no matter what controller their AP is on) as a primary DHCP server (controller A as primary), then I'd like to point the clients to the other controller (controller B) to be used as a backup DHCP server in case Controller A fails. Also, the APs are set up to have the correct primary and secondary controllers under their high availability setting as well as the mobility group information.

I want to avoid splitting my DHCP scopes between controllers, and I don't have a DHCP server dedicated to this project, so the 5508s should be able to do the job. Or at least I thought.

When configuring the controllers with the proper DHCP scopes, this only seems to work for clients connecting to controller A. Clients on controller B don't get an address from controller A when pointing to that controller. In fact, the weird thing is that debugging shows DHCP requests going out of port 2 (DMZ traffic) instead of port 1 (management) on controller B. Shouldn't they be going out of the interface that is specified with the DHCP configuration in the dynamic interface? And I don't have "override" turned on in the WLAN configuration so the DHCP server should be taken from the dynamic interface that the user resides on.

Mobility groups are configured correctly between the two controllers and both the control and data paths are up between the two controllers. Another weird thing: both controllers' management interfaces are on the same subnet, no ACLs or filters, and when the mobility groups are configured, controller A can ping controller B, but controller B cannot ping A. The status still shows as UP/UP in the mobility members windows, but they use mPing which seems to work fine. Remove the mobility group configuration and ping works just fine between the boxes. I don't know if this is related to my DHCP issues, but it would seem that if I put controller A's management address in the dynamic interface configuration for DHCP on controller B, my clients on B should get an address from A's DHCP pool. Controller A's dynamic interfaces all point to controller A's management interface and they work just fine.

I'm trying to load balance my AP distribution between two boxes, and I'm also trying to have some controller redundancy.

Controller A works just fine, it's in production. Trying to add another controller B to talk to A for DHCP is the issue.

Anyone have any clues?


Cisco Employee

Re: Using one controller as primary DHCP server for 2 or more co

The WLC's DHCP server implementation is pretty minimal.  There is no ping-check support, no support for saving lease information across boots.  It's really best for demo or very small installations, certainly not in your scenario with multiple 5500s and presumably many, many clients.

You would be much better off using a Microsoft, Unix or IOS DHCP server.  If you don't have one available, you could take one of your APs, stick aIOS on it, and use it as your DHCP server.

New Member

Re: Using one controller as primary DHCP server for 2 or more co

I guess I was under the impression that when mobility groups were configured, the lease time, along with other client information (MAC address, IP address and such), would be replicated from one controller to the other controller over the EoIP tunnel. If that's not the case, then obviously I'll have to look elsewhere.

Also, does this mean that it will not work, or just that it's not recommended? If it does work and I have to fix something, at least I can move on with my testing, all while pursuing a DHCP server. It doesn't sound like using an AP as a DHCP server is any better than using the controllers for that same purpose.

Thank you for the quick response.