06-03-2020 03:42 PM - edited 07-05-2021 12:08 PM
One of the goals of the virtual interface on a WLC is to attend DHCP requests, the IP of this virtual interface must not be pingable but is used for DHCP requests... and from clients perspective the virtual interface address is the DHCP server ip address.
so do we have to configure the virtual interface address on the ip helper address command to redirect the request to that ip address so the requests can reach WLC's virtual interface?
I made this question considering that the WLC and users would be in different networks or when they are tunneled they appeared to be in the same network so they don't need ip helper-address command?
Solved! Go to Solution.
06-03-2020 04:25 PM
"so do we have to configure the virtual interface address on the ip helper address command to redirect the request to that ip address so the requests can reach WLC's virtual interface?"
No, you cannot configure anything under the virtual IP address. It is used as a proxy between client & real DHCP server when it comes to DHCP. There are two method of implementing it.
DHCP-Proxy Enable
When client DHCP Discover/Request comes, WLC knows which dynamic interface client should get iP address from. So it will use that dynamic IP address when it sends traffic to the real DHCP server (configured under dynamic interface & not for virtual interface). However, when it communicates back to the client it uses virtual IP address, so real DHCP server IP is not visible to client.
DHCP-Proxy Disable
Without DHCP-Proxy, then WLC act transparently, so client DHCP broadcast (Discover/request) directly go to switch SVI and that's the place you configure "IP helper-address" command.
HTH
Rasika
*** Pls rate all useful responses ***
06-03-2020 04:25 PM
"so do we have to configure the virtual interface address on the ip helper address command to redirect the request to that ip address so the requests can reach WLC's virtual interface?"
No, you cannot configure anything under the virtual IP address. It is used as a proxy between client & real DHCP server when it comes to DHCP. There are two method of implementing it.
DHCP-Proxy Enable
When client DHCP Discover/Request comes, WLC knows which dynamic interface client should get iP address from. So it will use that dynamic IP address when it sends traffic to the real DHCP server (configured under dynamic interface & not for virtual interface). However, when it communicates back to the client it uses virtual IP address, so real DHCP server IP is not visible to client.
DHCP-Proxy Disable
Without DHCP-Proxy, then WLC act transparently, so client DHCP broadcast (Discover/request) directly go to switch SVI and that's the place you configure "IP helper-address" command.
HTH
Rasika
*** Pls rate all useful responses ***
06-03-2020 05:04 PM
Thanks for answering.
Then, focusing when a user sends DHCP Requests, do these requests reaches automatically to the WLC since they are in the same network thanks to the CAPWAP tunnel?
06-03-2020 10:16 PM - edited 06-04-2020 02:29 PM
Yes, in centralized deployment (local mode AP), whatever data frames comes to AP, it will encapsulate into CAPWAP (dst udp port 5247) and send it to WLC. WLC will de-encapsulate & see the inner DHCP packet details. Then take action according to DHCP proxy configuration of WLC
HTH
Rasika
06-04-2020 02:01 PM
thank you so much!!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide