09-15-2022 01:52 PM
I am just a bit confused on DHCP Proxy vs DHCP Bridging. I'll just mention in my environment all the DHCP is handled on Microsoft Windows Server DHCP servers on our local sites domain controllers. We have a DC in each site. On our core switches each SVI has an ip helper address pointing to the local sites DC.
How I understand it is with DHCP bridging it's quite simple in which a client will broadcast a DHCP Discover, and then based on the SSID it's connecting to it flows up through the SVI (the same as a wired client would) and relays to our Microsoft DHCP server and using the GIADDR gets mapped to the proper DHCP scope.
I am not too familiar with DHCP Proxy on Cisco WLC's but after some brief reading how I understood it is that the WLC will act as an intermediary proxy between the client and the DHCP server so that the client is not communicating directly with the DHCP server. So for example, client broadcasts out a DHCP Discover, the WLC then unicasts forwards it to the DHCP server configured under its WLC interface.
So let's use an example topology where Site A is 10.1.0.0/16 and Site B is 10.2.0.0/16 each with their own local Microsoft DHCP server. Assuming the WLC is in site A and has DHCP proxy enabled and let's say its DHCP server for Site A is 10.1.0.10 with all of Site A's scopes, and the DHCP server for Site B is 10.2.0.10 with all of Site B's scopes. If a client at Site B wishes to lease an address via DHCP, it broadcasts out a discover and this hits the WLC, and the WLC then would relay that to 10.1.0.10.
Now in my production environment what I am thinking is a tad weird is we have DHCP Proxy enabled, however clients leasing addresses at Site B are still leasing from Site B's DHCP server, even though that is not configured on any interfaces in the WLC.
Solved! Go to Solution.
09-16-2022 04:16 AM
Hi
You need to make sure you are using Local switching or central switching on the WLAN. If you are using local switching then don´t matter if the WLC is proxy or not. The DHCP request sent from client will be floaded locally on the Site A and B network and the WLC will not care about it.
Now, if you are using Central switching then the DHCP request sent by client will get to the WLC through the capwap tunnel . On this case, if DHCP proxy is enable, you should to have the DHCP server IP address configured under the WLC dynamic interface. This way, the WLC will know to where ask for IP address for any specific client.
Reading what you wrote: "Now in my production environment what I am thinking is a tad weird is we have DHCP Proxy enabled, however clients leasing addresses at Site B are still leasing from Site B's DHCP server, even though that is not configured on any interfaces in the WLC."
I can assum that you are using Local switching, otherwise, the WLC would not be able to attribute client´s IP address to client in site B if the WLC reside in site A, as the DHCP server reside in different networks.
You can share your WLC´s config here and we can help you to make sure what´s going on.
09-15-2022 02:14 PM
DHCP Proxy vs DHCP Bridging
the Wireless client send broadcast DHCP request
DHCP bridge will only forward if from AP to VLAN (crosponding to SSID)
DHCP proxy the broadcast will convert into unicast and send to Server directly (like dhcp relay)
09-15-2022 02:21 PM
So in DHCP proxy the client broadcasts DHCP to the AP, the AP then forwards to the WLC, and the WLC forwards to its configured Microsoft DHCP server on the respective WLC interface correct?
In DHCP bridging the WLC is not involved in the DHCP process and instead then the AP will not forward to the WLC but instead forward it to the VLAN where it will hit the IP helper address and relay to my Microsoft DHCP servers?
09-15-2022 02:35 PM
no AP in flex forward dhcp broadcast request receive from wireless client after encapsulate it into CAPWAP to WLC
WLC will decide to forward it as broadcast (DHCP bridge) or as unicast (DHCP proxy).
09-15-2022 03:53 PM
Ok but as I mentioned above though in my prod environment we have DHCP Proxy enabled, however wireless clients at Site B are still leasing addresses from Site B's local DHCP server. The WLC has no interfaces configured for Site B's DHCP server, only interfaces for Site A's DHCP Server.
So how is the WLC proxying the DHCP request to Site B's DHCP server?
It almost seems like the AP is not encapsulating the DHCP request in CAPWAP and instead its just hitting the IP helper on the SVI and going to my Site B DHCP server....
09-15-2022 04:04 PM - edited 09-15-2022 04:05 PM
if the Site-B is lease IP from DHCP local then check the mode of AP, I think is flex and it work as local SW not central SW.
09-16-2022 04:16 AM
Hi
You need to make sure you are using Local switching or central switching on the WLAN. If you are using local switching then don´t matter if the WLC is proxy or not. The DHCP request sent from client will be floaded locally on the Site A and B network and the WLC will not care about it.
Now, if you are using Central switching then the DHCP request sent by client will get to the WLC through the capwap tunnel . On this case, if DHCP proxy is enable, you should to have the DHCP server IP address configured under the WLC dynamic interface. This way, the WLC will know to where ask for IP address for any specific client.
Reading what you wrote: "Now in my production environment what I am thinking is a tad weird is we have DHCP Proxy enabled, however clients leasing addresses at Site B are still leasing from Site B's DHCP server, even though that is not configured on any interfaces in the WLC."
I can assum that you are using Local switching, otherwise, the WLC would not be able to attribute client´s IP address to client in site B if the WLC reside in site A, as the DHCP server reside in different networks.
You can share your WLC´s config here and we can help you to make sure what´s going on.
09-16-2022 08:14 AM
I think you are spot on. I just checked the WLC and we are indeed using AP's in FlexConnect mode and FlexConnect Local Switching is enabled. So that explains it.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide