Re: WLC and mobility anchor- dhcp

Neil Haswell · ‎01-23-2011

Hi,

The setup I have an issue with is one where a suboffice has a WLC. The head office has another WLC as the anchor for mobility groups. We are using a main corportate SSID with certificate authentication although the mobility group is for the guest wireless.

Just the other day after a router swap out the office clients could no longer get an IP address from the headoffice WLC where the internal DHCP service is kept on the WLC.

I understand that DHCP requests are made from WLC to WLC over eoip. Is there anything in the router config that might prevent this. (ACL etc..)

The headoffice can ping the DHCP default gateway for this guest network but the suboffice WLC cannot ping the default gateway. However running a ping from the suboffice WLC GUI to the HO mobility anchor works fine and visa versa?

If there any any troubleshooting commands that may help they would be gratefully appreciated.

Many thanks,

Scott Fella · ‎01-23-2011

Is your mobility up? Are you able to eping or mping from the CLI of one wlc to the other.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

wireless wlc · ‎01-23-2011

Hi Neil,

"but the suboffice WLC cannot ping the default gateway " : if you cannot ping gateway, i suspect a routing issue, maybe few routes are missing in the newly installed router ? do a sh ip route for the suboffice and headoffice networks and see if you have the routes.

If routing is proper and if it still doesnt work, you should check mping and eping from suboffice to headoffice to see if the mobility tunnels are up (show mobility summary on the wlc's) . You need to open up UDP ports 16666 (if there are any ACL's on your WAN gateway/firewall etc blocking this ) and also IP protocol 97 should be allowed all the way from your suboffice wlc to headoffice.

hope this helps

Joe

Neil Haswell · ‎01-24-2011

HI,

I have checked the eping and mping from the suboffice WLC and visa versa and that checks out ok.

I suspect the new router is the issue but I need to try and find a way of proving it.

Is there any command I can use on the suboffice WLC to test that all the required ports are open a sort of telnet 16666?

Trying a ping from the router or switch to the DHCP server doesnt work even in the HO as I suspect the traffic has to originate from the WLC that is creating the eoip tunnel.

Thanks for your help

wireless wlc · ‎01-24-2011

Do a 'debug ip packet ' on the router and 'debug dhcp messages enable' on the wlc's and see what the logs say.

regards

Joe

George Stefanick · ‎01-23-2011

Neil,

6.x and 7.0.98.0 have issues with the DHCP scope on the WLC. In fact, Cisco released 7.0.98.4 to fix the known issue(s). May not be related to your issue, but wanted to mention it ...

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

wireless wlc · ‎01-23-2011

George, did you mean 6.0.199.4 ? Cos i dont find 7.0.98.4 on CCO ?

regards

Joe

Surendra BG · ‎01-23-2011

Hi,

Yes 6.0.199.4 and 7.0.98 is affected!! you need to raise a TAC case to get the 7.0.98.4 or 6.0.200.6

Regards

Surendra

Regards
Surendra BG

wireless wlc · ‎01-23-2011

Thanks for the info Surendra. Does the fix allow you to also clear the dhcp leases on the WLC ? it was not possible earlier and was quite annoying .to reboot to clear DHCP lease. (and sometimes even reboot didnt clear the leases ! )

regards

Joe

Surendra BG · ‎01-23-2011

Hi,

Thanks for the response!!

if you are running 7.0 and above then its possible.. just now checked the same on my WLC.. the command is..

(WiSM-slot2-2) >config dhcp clear-lease ?

Enter the IP address.
all Clear all Leases.

lemme know if this answered your question..

Regards
Surendra
====
Please dont forget to rate the posts which answered your question and mark it as answered or was helpfull

Regards
Surendra BG

George Stefanick · ‎01-24-2011

If i could offer any device when it comes to DHCP on the WLC, dont do it ...

This has been a thorn in a lot of peoples side for a lond time.

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

wireless wlc · ‎01-24-2011

Agree with George !, put that dhcp scope anywhere else other than on the WLC ! If there is a dhcp malfunction, you will have to reboot your wireless network to get things running again, not to mention the many instances where your clients dont get an ip address and related 'side effects' of putting dhcp scope on the WLC !

regards

Joe

Scott Fella · ‎01-24-2011

Okay so the wlc must be able to ping it's default gateways and the gateway of the other wlc. Have you checked the configurations on the router? Nothing has changed in the wireless side correct? Here is a good link regarding mobility. It's guest anchoring, but it's the same what you are trying to do.

http://www.cisco.com/en/US/products/ps6366/products_tech_note09186a0080b1a506.shtml

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***