Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
345
Views
0
Helpful
2
Replies

mobility and ip address assignment

koeppend
Level 4
Level 4

‎08-29-2007 08:35 PM - edited ‎07-03-2021 02:33 PM

Hi All

A question about mobility and ip address assignment.

I understand the need for IP address mobility, where a user can obtain an IP address and roam across multiple L2 access points and even different AP Vlan groups (part of separate ip subnets) and still maintain the same IP address because effectively the host is on a tunnel that follows the user. (that?s my concept of the technology).

I?m running a number of WiSMs in a high rise about 8 floors.

I also run 4 different AP Vlan groups in order to segment my users within a single wireless SSID. 1x AP Vlan group per ever two floors. So in effect I have 4 IP subnets looking after 8 floors.

It is my understanding that if users roam to another area of the organisation that is supported by a different set of Access points and those access points are bound to a different ?AP Vlan group?, (than the AP Vlan group they originated from), that the users IP address will not change to the new subnet unless the user completely logs off and logs back into the network forcing an IP address renewal though the AP Vlan group that their associated AP is bound to.

For some reason my users never get a new address from the new subnet, even when they have roamed from floor 1 to floor 9, they have traversed 3 different AP Vlan groups, I log the laptop out completely and log it back into the network, the wireless host still obtains its original address even thou I have checked the Access points and they are bound to a completely separate AP Vlan group and subnet.

Yes I have 4 dynamic interfaces on each of my 2 WiSM?s (4 controllers) for all 4 AP Vlan groups, in the even that a WiSM fails and the AP?s fail over to their secondary WiSM the users can still maintain connectivity though the AP Vlan that their associated AP is bound to.

My question, I?m not understanding why an Access point, that is specifically setup and bound to AP Vlan group <2> would allocate an address from AP Vlan Group <1> even thou the user has completely logged out and logged in to an associated to an AP that is part of the AP Vlan Group <2>

Is there a command to not cache users mac to IP relationship?

Is there a way that I can get the wism not to allocate the original IP address but rather check the AP Vlan group the access point is bound to and allocate an address from that pool ?

Or could the Session timeout under the SSID in the WiSM play a role in this ?

Could my 802.1x NAC solution be affecting this in any way? Ie long pac TTL

I know this is catch-22, the whole point of mobility is to have your Layer 3 address following you but the system should still allocate a new address once a release and renew has been initiated. Shouldn?t it ?

Regards,

Dale

P.S. if you wondering why I want this, we have login scripts that are based on IP address so if a user is allocated an address from the address pool that looks after floors 8 and 9, the user is allocated the printers for that floor.

Labels:
0 Helpful
2 Replies 2

koeppend
Level 4
Level 4

‎08-29-2007 09:22 PM

Never mind all,..worked it out.

I answered my own question.

It was session timeout under the SSID in the WiSM.

Had it set to 1800 (default)

Set it to 300 and users are now able to obtain new addresses after 5 mins being disconnected.

0 Helpful

zhenningx
Level 4
Level 4

‎08-30-2007 07:17 AM

After you roam from floor 1 to floor 9, log off and log back into the network before the "User idle timeout", you will still get the IP from the wism at floor 1. Because the client is still remembered by that anchor controller and is still treated as the roaming client. If you kick the user off from the anchor controller and log back in again, you will get the new IP from the floor 9.

In layer 3 mobility, the user will get the same IP after roams to foreign WLC even after a release/renew. But if you shutdown the computer for longer than the User Idle Timeout and start again, you will get the new IP because the user has been removed from the anchor WLC after the timeout. What is what I have observed.

Zhenning

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card