Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1050
Views
0
Helpful
7
Replies

CAPWAP DHCP Issue with 'switchport block multicast' on L2 Interface

Daniel McDavid
Level 1
Level 1

‎03-26-2013 07:17 AM - edited ‎07-03-2021 11:47 PM

Hi all,

We just ran in to an issue with a particular building unable to restore wireless connectivity because our APs could not receive DHCP addresses. We had an outage over the weekend that caused our APs to disassociate from the controller. When the outage was resolved, the APs would not receive an address on their subnet. I could plug in on that VLAN and get an address and every other VLAN in that building (voice, data, security, etc.) all worked fine. The only resolution was when we issued a 'no switchport block multicast on the layer 2 interface on the router. We are running WiSM2s over an MPLS network with Infoblox appliances serving DHCP. Why would our router ID these DHCP request as unknown multicast traffic and block at the interface? Specifically, why would it allow my laptop's DHCP request to pass through, but block request coming from our APs? We did a pcap and the APs are sending out request.

Thanks in advance!

Labels:
0 Helpful
7 Replies 7

George Stefanick
VIP Alumni
VIP Alumni

‎03-26-2013 07:50 AM

Interesting ..

My experience has been that aps broadcast for an ip just like any normal device. Router takes the request and forwards to the dhcp server.

In your capture does the dhcp request show being sent under a multicast address ?

Sent from Cisco Technical Support iPhone App

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
0 Helpful

Daniel McDavid
Level 1
Level 1
In response to George Stefanick

‎03-26-2013 10:51 AM

The DHCP request look like any (src: 0.0.0.0, dst: 255.255.255.255) other except for the fact that the bootp flag within the bootstrap protocol is set to 'broadcast' on the AP request and on a PC, it is set to 'unicast'. TTL is different, but both are high enough.

Edit: I've attached a copy of the pcap.

15357101-capwap_dhcp.pcap.zip
0 Helpful

Yahya Jaber
Cisco Employee
Cisco Employee
In response to Daniel McDavid

‎03-26-2013 01:21 PM

Hi,

just to understand better, where is your DHCP? on the same location as the AP's?

if not, do you have IP helper address on the router?

0 Helpful

Daniel McDavid
Level 1
Level 1
In response to Yahya Jaber

‎03-26-2013 01:24 PM

DHCP is off on a different VRF so we have 2 ip helper-address on the L3 interface for primary and secondary.

I've attached a screen cap of the L2 and L3 interfaces, minus the 'switchport block multicast' on gi2/16.

56 KB
0 Helpful

Yahya Jaber
Cisco Employee
Cisco Employee
In response to Daniel McDavid

‎03-26-2013 02:17 PM

Hi,

i have looked at the captures, and at the end of the file i can see that there is an AP with IP address.

0 Helpful

Daniel McDavid
Level 1
Level 1
In response to Yahya Jaber

‎03-26-2013 02:20 PM

That's my PC. That's the confusing part of this whole thing. I can get an address, but my APs cannot. Removing the 'switchport block multicast' allows the APs to get an address.

0 Helpful

Saravanan Lakshmanan
Cisco Employee
Cisco Employee
In response to Daniel McDavid

‎03-31-2013 02:27 AM

reboot the ap and get the complete capture from the start

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card