Content preview: On 1/18/2012 8:54 AM, Osborne, Bruce W wrote: > James, > >
We are running AP-125 and AP-105 APs from a Server 2008R2 DHCP cluster with
no issues. Is Dynamic ARP Inspection, DHCP Snooping, or IP Source Guard
(Cisco
terms) enabled on the AP ports? I know Aruba had an issue with early AP-125
APs and those services. You either had to disable those or manually update
the firmware on the APs. > > You probably should open a ticket with Aruba
TAC. If there is no DHCP OFFER, the Event Viewer logs on the DHCP server
may provide some clues. > > > Bruce Osborne > Network Engineer > IT Network
Services > > (434) 592-4229 > > LIBERTY UNIVERSITY > 40 Years of Training
Champions for Christ: 1971-2011 > [...]
Content analysis details: (-2.9 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP
-1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%
[score: 0.0000]
On 1/18/2012 8:54 AM, Osborne, Bruce W wrote:
> James,
>
> We are running AP-125 and AP-105 APs from a Server 2008R2 DHCP cluster with
> no issues. Is Dynamic ARP Inspection, DHCP Snooping, or IP Source Guard
> (Cisco terms) enabled on the AP ports? I know Aruba had an issue with early
> AP-125 APs and those services. You either had to disable those or manually
> update the firmware on the APs.
>
> You probably should open a ticket with Aruba TAC. If there is no DHCP OFFER,
> the Event Viewer logs on the DHCP server may provide some clues.
>
>
> Bruce Osborne
> Network Engineer
> IT Network Services
>
> (434) 592-4229
>
> LIBERTY UNIVERSITY
> 40 Years of Training Champions for Christ: 1971-2011
>
So it looks like it may be the DHCP relay wait timer, but I'm still
trying to work out the specifics of why that fixed it at another site
yesterday. The Checkpoint firewalls that are the L3 gateways default
to 3 seconds for DHCP relay forwarding. This is designed to allow a
local broadcast domain DHCP server to respond first, and hence be first
to respond with a DHCPOFFER. Another admin setting up his local test
AP135s found mention of timer issues on an airheads thread and
explicitly set the wait timer to 0 and got his APs working with DHCP
after OS boot.
Now my reading of the timer feature would be that the DHCP DISCOVER
packets from the client wouldn't even be forwarded until the wait timer
expired, but I was seeing them being sent right away. It would have
to be a flag being set in the packet that was causing the Windows DHCP
server to no respond as best as I can tell without having dug into the
two dumps in detail. I'll follow up in the thread with some more
detailed findings if I can for future reference.
--
---
James M Keller
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
