Multiple dhcp scopes on autonomous 1142 with multiple ssid

phoeneousphoeneous Member Posts: 2,333 ■■■■■■■□□□
Yo.

I have an autonomous 1142 with two ssid's, two vlan's and two dhcp scopes on the AP itself. Devices can get an ip on vlan 40 but not vlan 41.

Debug says: DHCPD: Finding a relay for client xxx on interface BVI1.

Thoughts on how to get guest ssid to pull an ip from the guest scope?

The AP is trunked to a 2960 and the 2960 is trunked to a 2911 serving as RoAS.

ip dhcp pool ***WIFI***
   network 172.18.84.0 255.255.255.0
   default-router 172.18.84.1 
   dns-server 172.18.80.1 
   domain-name domain.com
!
ip dhcp pool ***GUEST_WIFI***
   network 172.18.88.0 255.255.255.0
   default-router 172.18.88.1 
   dns-server 172.18.80.1 
   domain-name domain.com


dot11 ssid GUEST
   vlan 41
   authentication open 
   authentication key-management wpa version 2
   mbssid guest-mode
   wpa-psk ascii 7 xxx
!
dot11 ssid WIFI
   vlan 40
   authentication open 
   authentication key-management wpa version 2
   mbssid guest-mode
   infrastructure-ssid optional
   wpa-psk ascii 7 xxx




interface Dot11Radio0
 no ip address
 no ip route-cache
 !
 encryption vlan 40 mode ciphers aes-ccm 
 !
 encryption vlan 41 mode ciphers aes-ccm 
 !
 ssid GUEST
 !
 ssid WIFI
 !
 antenna gain 0
 mbssid
 station-role root access-point


interface Dot11Radio0.40
 encapsulation dot1Q 40 native
 no ip route-cache
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface Dot11Radio0.41
 encapsulation dot1Q 41
 no ip route-cache
 bridge-group 41
 bridge-group 41 subscriber-loop-control
 bridge-group 41 block-unknown-source
 no bridge-group 41 source-learning
 no bridge-group 41 unicast-flooding
 bridge-group 41 spanning-disabled


interface GigabitEthernet0
 no ip address
 no ip route-cache
 duplex auto
 speed auto
 no keepalive
!
interface GigabitEthernet0.40
 encapsulation dot1Q 40 native
 no ip route-cache
 bridge-group 1
 no bridge-group 1 source-learning
 bridge-group 1 spanning-disabled
!
interface GigabitEthernet0.41
 encapsulation dot1Q 41
 no ip route-cache
 bridge-group 41
 no bridge-group 41 source-learning
 bridge-group 41 spanning-disabled
!
interface BVI1
 ip address 172.18.84.11 255.255.255.0
 no ip route-cache

interface BVI41
 ip address 172.18.88.11 255.255.255.0
 no ip route-cache
!
ip default-gateway 172.18.84.1


bridge 1 route ip

Comments

  • Dieg0MDieg0M Member Posts: 861
    Where is interface BVI41?
    Follow my CCDE journey at www.routingnull0.com
  • phoeneousphoeneous Member Posts: 2,333 ■■■■■■■□□□
    My bad, forgot to include it in post.
    interface BVI41
     ip address 172.18.88.11 255.255.255.0
     no ip route-cache
    end
    
       
    
    sh ip int bri
    Interface                  IP-Address      OK? Method Status                Protocol
    BVI1                       172.18.84.11    YES NVRAM  up                    up      
    BVI41                      172.18.88.11    YES manual up                    up      
    Dot11Radio0                unassigned      YES NVRAM  up                    up      
    Dot11Radio0.40             unassigned      YES unset  up                    up      
    Dot11Radio0.41             unassigned      YES unset  up                    up      
    Dot11Radio1                unassigned      YES NVRAM  administratively down down    
    GigabitEthernet0           unassigned      YES NVRAM  up                    up      
    GigabitEthernet0.40        unassigned      YES unset  up                    up      
    GigabitEthernet0.41        unassigned      YES unset  up                    up 
    
    
    sh int bvi41
    BVI41 is up, line protocol is up 
      Hardware is BVI, address is c464.13c2.ea84 (bia d4a0.2a4b.4660)
      Internet address is 172.18.88.11/24
      MTU 1500 bytes, BW 54000 Kbit, DLY 5000 usec, 
         reliability 255/255, txload 1/255, rxload 1/255
      Encapsulation ARPA, loopback not set
      ARP type: ARPA, ARP Timeout 04:00:00
      Last input never, output never, output hang never
      Last clearing of "show interface" counters never
      Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
      5 minute input rate 0 bits/sec, 0 packets/sec
      5 minute output rate 0 bits/sec, 0 packets/sec
         0 packets input, 0 bytes, 0 no buffer
         Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
         0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
         0 packets output, 0 bytes, 0 underruns
         0 output errors, 0 collisions, 0 interface resets
         0 unknown protocol drops
         0 output buffer failures, 0 output buffers swapped out
    
    

    I can ping 172.18.80.1 if I source it from bvi1 but not if sourced from bvi41.

    Here is the config of the switchport that the ap is connected to:
    interface GigabitEthernet1/0/30
     description ***1142 AP***
     switchport trunk native vlan 40
     switchport trunk allowed vlan 40,41
     switchport mode trunk
    end
    
  • EdTheLadEdTheLad Member Posts: 2,111 ■■■■□□□□□□
    I've no clue on wireless, so i can only give you info regarding dhcp. Are you using a dhcp relay between the clients and server? If yes, you will need to send an option in the dhcp request to differentiate between allocation pools. If no, both requests should arrive on a different l3 interface on the server, the server will use the ip address on the receiving port to allocate the pool.
    Networking, sometimes i love it, mostly i hate it.Its all about the $$$$
  • Dieg0MDieg0M Member Posts: 861
    Where is "bridge 41 route ip"?
    Follow my CCDE journey at www.routingnull0.com
  • phoeneousphoeneous Member Posts: 2,333 ■■■■■■■□□□
    EdTheLad wrote: »
    I've no clue on wireless, so i can only give you info regarding dhcp. Are you using a dhcp relay between the clients and server? If yes, you will need to send an option in the dhcp request to differentiate between allocation pools. If no, both requests should arrive on a different l3 interface on the server, the server will use the ip address on the receiving port to allocate the pool.

    Huh? The ap is the dhcp server, nothing between clients and ap.
  • phoeneousphoeneous Member Posts: 2,333 ■■■■■■■□□□
    Dieg0M wrote: »
    Where is "bridge 41 route ip"?

    AP(config)#bridge 41 route ip
    %command not allowed, route ip only allowed on bridge group 1
  • Dieg0MDieg0M Member Posts: 861
    Ok wasnt sure if that would work on an AP. The only way you are going to make this work is if the clients share the same subnet/vlan with the ap management ip address. That means in this case you can only have 1 BVI that can be used with the local DHCP pool. For all other VLAN's you will have to use an external DHCP server and use ip-helpers to get to it.
    Follow my CCDE journey at www.routingnull0.com
  • phoeneousphoeneous Member Posts: 2,333 ■■■■■■■□□□
    Dieg0M wrote: »
    Ok wasnt sure if that would work on an AP. The only way you are going to make this work is if the clients share the same subnet/vlan with the ap management ip address. That means in this case you can only have 1 BVI that can be used with the local DHCP pool. For all other VLAN's you will have to use an external DHCP server and use ip-helpers to get to it.

    Yeah, I read that in another forum. Not a big deal, plenty of dhcp boxes to choose from.
  • phoeneousphoeneous Member Posts: 2,333 ■■■■■■■□□□
    I'm revisiting this because I am unable to hit the bvi41 interface of 172.18.88.11/24. I can hit 172.18.88.1/24 which is on a 2911 acting as RoaS. I think it may have to do with bridge irb or bridge 1 route ip but I'm hitting a wall. Thoughts?
Sign In or Register to comment.