cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
401
Views
3
Helpful
10
Replies

DHCP Issue with Wireless

mperdue20
Level 1
Level 1

I have a weird issue with my Cisco 9200 and Aruba APs. Current network has multiple VLANs where the DATA VLAN is 10, the WLAN VLAN is 28, and the management VLAN is 999. All LAN devices plugged into VLAN 10 (DATA) has no issues getting a DHCP address. All clients connecting to the APs which are trunked and on native VLAN 28 take a long time to get a DHCP address. The APs trunk ports have all VLANs allowed and when doing a sh int trunk none of the VLANs are pruned. all switches in the environment and trunked via the management VLAN 999 which also has all the VLANs allowed. We do have a 9500 acting as a core switch doing routing which also is setup with all VLANs allowed. The SVI on the core for the WLAN is setup with an IP helper address pointing to the DHCP server (on prim). So at this point im stumped as to what is causing the delayed IP addresses on the wireless. A PC can connect to the SSID no issue, just gets an APIPA addresses until either it waits long enough or its force to do a release then renew a few time. Eventually it will get a DHCP address. None of the devices connected to the LAN has this issue, as they all get IP addresses immediately. Anyone else run into this issue?

2 Accepted Solutions

Accepted Solutions

In SW 

Disable ip redirects 

Disable ip unreachable 

Disable these under VLAN SVI that have issue.

MHM

View solution in original post

mperdue20
Level 1
Level 1

UPDATE... talked with Cisco Support and found out the issue was not related to the two WLAN VLANs but the data VLAN. it was causing a lot of icmp drops due to Cisco's new Control Plane Protections feature in the 9000 series switches. Tech support ran the following commands
monitor capture cap control-plane in match any buf size 100 start
monitor capture cap stop
show mon cap cap buf br

after only 7 seconds of running the first command we had 4700 drops and the last command showed those drops which all had IP addresses from our data vlan. we put the below commands on the data vlan and all the drops stopped.
no ip redirects

things are looking better now with dhcp request. Hopefully this will help others out who are having this issue.
 

View solution in original post

10 Replies 10

In SW 

Disable ip redirects 

Disable ip unreachable 

Disable these under VLAN SVI that have issue.

MHM

ok ill try that and see what happens. Thanks.

@mperdue20 

Until prove the opposite, the problem to me is on the AP. If some configuration on the core were causing this, It should affect all the scopes.

 One good thing to do would be use wireshark to sniff the traffic and see whats going on between the AP and switch.

mperdue20
Level 1
Level 1

@Flavio Miranda 

after adding the VLAN thats causing the issue to a LAN port and connecting my PC to that LAN port, i had the same issue as if i were trying to get DHCP from the wireless. This tells me that something on the switches are causing the issue. It took 3 ipconfig /renews before i was able to obtain an IP address from the wired LAN connection on VLAN 28. Im in the process of running wireshark now on the pc to see if i can determine whats causing this.

Sounds interesting. Let us about the logs

mperdue20
Level 1
Level 1

so i think i may have figure this out. there are two route entries in my bgp routing table that maybe conflicting with vlan 28. This vlan is a /23 and theres a entry in the table for this subnet as a /23 and /24. So im wondering if i remove the incorrect route, the /24 if things will work as it should. So for example the table has 
network 192.168.1.0 mask 255.255.255.0
network 192.168.1.0 mask 255.255.254.0
and im wondering if the core is trying to use that first route entry then eventually using the second entry which is the correct one.

I will send you doc. about the issue 

MHM

If the /24 is incorrect you should remove it cause the routing protocol will use it as it is more specific than /23.

mperdue20
Level 1
Level 1

Thanks to @MHM Cisco World. So far the no ip redirects command in the SVI seems to have resolved the issue. im going to give it another week and see how users in my environment respond. hopefully the complaints will go away.

mperdue20
Level 1
Level 1

UPDATE... talked with Cisco Support and found out the issue was not related to the two WLAN VLANs but the data VLAN. it was causing a lot of icmp drops due to Cisco's new Control Plane Protections feature in the 9000 series switches. Tech support ran the following commands
monitor capture cap control-plane in match any buf size 100 start
monitor capture cap stop
show mon cap cap buf br

after only 7 seconds of running the first command we had 4700 drops and the last command showed those drops which all had IP addresses from our data vlan. we put the below commands on the data vlan and all the drops stopped.
no ip redirects

things are looking better now with dhcp request. Hopefully this will help others out who are having this issue.
 

Review Cisco Networking for a $25 gift card