Solved: Workgroup Bridge DHCP Address?

DominicMcBride · ‎01-13-2016

Hello,

I have an autonomous AP which is working successfully as a workgroup bridge for a wired client device. The WGB is connected to a lightweight/WLC-controlled wireless network. When the client is connected to the WGB's Ethernet port, it receives an IP address via DHCP and can communicate as expected.

If there is no wired client connected to the WGB, it receives a DHCP address of its own, and the "show dot11 bssid" command shows the WGB's MAC address. The WGB is then reachable over the network on the allocated IP address (example "1.2.3.4" in this case).

%LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
%LINK-6-UPDOWN: Interface BVI1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to up
%DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 1.2.3.4, mask 255.255.255.0, hostname myhostname

myhostname#sh dot11 bssid
Interface BSSID Guest SSID
Dot11Radio0 dcce.c1ab.1234 No mynetwork

However, if the wired client is connected, I get the following messages and the MAC address changes to that of the wired client:

%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up
uclient mac address is added to the bridge table,will associate using uclient mac address

myhostname#sh dot11 bssid
Interface BSSID Guest SSID
Dot11Radio0 705a.b6ab.1234 No mynetwork

As soon as this happens, the WGB stops being reachable on its IP address ("1.2.3.4") - I can't ping it, and SNTP won't update the clock. If the client is connected from the moment that the WGB is powered up, then it goes straight into this latter situation - the client is reachable but the WGB itself isn't. It's obviously still associated while this is happening, or the client wouldn't get an IP and be reachable (which it is).

If the client is then disconnected, and it's MAC address aged out of the bridging table, the situation reverts and the WGB becomes reachable again.

I'm wondering if it's possible to configure the WGB so that it also has a reachable IP address, as well as the client, when the client is connected? I have a feeling it may be related to this part of the config, but let me know if anything else is required:

interface BVI1
mac-address dcce.c1ab.1234
ip address dhcp client-id Dot11Radio0

I should possibly also mention that the workgroup bridge is configured in universal mode, as we do not have Aironet IE enabled on the SSID in question.

interface Dot11Radio0
...
station-role workgroup-bridge universal 705a.b6ab.1234
...
end

Thanks in advance!

Dominic

Freerk Terpstra · ‎01-13-2016

This is the behavior to expect with WGB universal mode. If the client MAC address is within the bridge table of the access-point it will spoof it for the wireless communication (and only then to prevent unwanted spoofing). Due to this the wireless infrastructure has no idea that this access-point is in between. My advice is to enable the "Aironet IE extensions" and use the "default" WGB mode as described in your other topic.

Please rate useful posts... :-)

View solution in original post

Freerk Terpstra · ‎01-13-2016

This is the behavior to expect with WGB universal mode. If the client MAC address is within the bridge table of the access-point it will spoof it for the wireless communication (and only then to prevent unwanted spoofing). Due to this the wireless infrastructure has no idea that this access-point is in between. My advice is to enable the "Aironet IE extensions" and use the "default" WGB mode as described in your other topic.

Please rate useful posts... :-)

DominicMcBride · ‎01-14-2016

Hi Frank - I think we would rather keep Aironet IE disabled, as information online suggests that it can cause issues with some clients, and the SSID in question provides BYOD network access, meaning it sees a lot of different client devices. The MAC spoofing behaviour doesn't really cause any major problems, I was just curious about why it was happening. Thanks for clarifying!