01-23-2025 01:09 AM
Hello, I have a doubt when Ap powers up and send a dhcp discover packet and once wlc receives the dicover packet would it broadcast it or deny the broadcast of discover packet like router.
Else I have to enter relay command to let it know where the dhcp server is.
Solved! Go to Solution.
01-24-2025 03:54 AM
From an AP (or any other device on wired network) generally 9800 will behave like a router and not forward broadcasts (certainly never back to the wired).
For a wireless client 9800 handles broadcasts as a special case. In general broadcasts are not forwarded to wireless - for example ARP broadcast is converted to unicast on wireless and best practice is to use ARP proxy on WLC so 9800 responds on behalf of the client. Same would apply to a DHCP reply from wired to wireless client.
Passive client is another special case: https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/technical-reference/c9800-best-practices.html#PassiveClients
For more general discussion of WLC and broadcasts see:
https://community.cisco.com/t5/wireless/flexconnect-and-broadcasts/td-p/2044077
To enable broadcast support on a VLAN, use the wireless broadcast vlan command in global configuration mode. To disable Ethernet broadcast support, use the no form of the command.
But note that there is a bug with this command: https://bst.cisco.com/bugsearch/bug/CSCwc66967 (meaning do not use it unless you really know what you are doing) because broadcasts on WiFi can cause major problems for you.
01-23-2025 01:23 AM
Friend'
Broadcast discovery only use when both AP abd wlc in same subnet'
If AP and wlc in different subnet you can use relay in SW but cisco provides additional discovery method that not need this relay
Like use dhcp op
Use dns
So I dont prefer use relay in SW for discovery
MHM
01-23-2025 08:22 AM
There's no reason why the WLC would be listening to DHCP discover packets unless you are running local DHCP server on the WLC.
> once wlc receives the dicover packet would it broadcast it
Never! Not even a router would broadcast a received broadcast packet - that is strictly forbidden by RFC because it would cause a broadcast storm. If the DHCP discover packet needs to be relayed then the device configured for relay will unicast the packet to the DHCP server. If the packet is received by an interface which is acting as DHCP server then the packet will be processed and DHCP OFFER or NACK will be sent to the client which is the AP in this case.
> deny the broadcast of discover packet like router
Router will ignore the packet if it is not configured as DHCP server or relay (helper). WLC would ignore the packet unless it is running as local DHCP server for that interface.
What model of WLC are you referring to and what software version are you using?
What are you trying to achieve?
Do you have a diagram showing the topology of the network?
DHCP is usually handled by the local router or switch.
01-24-2025 03:21 AM
We have a separate dhcp server to handle such request, but my question related solely to wlc.
When router receives a broadcast packet it would not broadcast it and when a switch receives it would broadcast to every interface except from where it came from. I just wanted to know how wlc behaves when it receives a broadcast packet.
01-24-2025 03:26 AM
You confuse me here
If AP send broadcast discovery then check my answer above
If wifi client send broadcast then
1- broadcast for dhcp' here depend of wlc config but wlc 9800 common config is bridge the broadcast from wlan to vlan (wired)
2- it ask about mac address using arp here also depends on wlc config' most wlc use arp proxy
MHM
01-24-2025 03:27 AM
Case1 non common and not recommend is using dhcp as relay ( like l3 router) here the wlc will relay broadcast and change it to unicast
MHM
01-24-2025 03:54 AM
From an AP (or any other device on wired network) generally 9800 will behave like a router and not forward broadcasts (certainly never back to the wired).
For a wireless client 9800 handles broadcasts as a special case. In general broadcasts are not forwarded to wireless - for example ARP broadcast is converted to unicast on wireless and best practice is to use ARP proxy on WLC so 9800 responds on behalf of the client. Same would apply to a DHCP reply from wired to wireless client.
Passive client is another special case: https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/technical-reference/c9800-best-practices.html#PassiveClients
For more general discussion of WLC and broadcasts see:
https://community.cisco.com/t5/wireless/flexconnect-and-broadcasts/td-p/2044077
To enable broadcast support on a VLAN, use the wireless broadcast vlan command in global configuration mode. To disable Ethernet broadcast support, use the no form of the command.
But note that there is a bug with this command: https://bst.cisco.com/bugsearch/bug/CSCwc66967 (meaning do not use it unless you really know what you are doing) because broadcasts on WiFi can cause major problems for you.
01-23-2025 09:39 AM
@rsha When an AP powers up and sends a DHCP Discover packet, the packet is sent to the local network. If the WLC (Wireless LAN Controller) receives the Discover packet, it doesn’t broadcast it further like a router. Instead, the WLC only handles DHCP requests if it is configured as a DHCP server. If your DHCP server is on another network, you need to configure a DHCP relay (using the ip helper-address command on the router or switch) to forward the Discover packet to the DHCP server.
01-24-2025 03:15 AM
@vishalbhandari all you've done is repeat my answer (mostly) but got wrong the fact that "broadcast it further like a router" - routers do not broadcast received broadcast packets!!!!!
01-24-2025 03:48 AM
WLC is essentially a layer2 device. As such, it will forward broadcast.
Eventually you can change this behavior. For example, by create Dynamic interfaces on AirOS WLC or interfaces vlan in IOS-XE WLCs.
Related to DHCP specifically, the WLC can act as proxy or not. While as proxy, it will not forward DHCP broadcast and will send unicast instead. If proxy is not enable, it will forward DHCP to the direct connect Layer3 device where the interface vlan and ip helper-address will move to DHCP server.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide