DHCP local subnets zone director

  • 1
  • Question
  • Updated 2 years ago
I currently have two sites connected by a layer 3 network. At each site L3 switches route the traffic. At the main site i have a ZD setup and APs connected to the same layer 2 network ( Vlan 1 - management) - 192.168.5.X/24 - This is fine the Wireless client connect and obtain IPs in the Vlan 1 network.

At the second site we again have a Vlan (vlan 1 - 192.168.6.X/24) The APs have IPs assigned in this however the Wireless clients get IP addresses assigned from the management vlan at the other site. I need the clients to get IPs from the local DHCP scope not the 192.168.5.X scope.

Note Both sites have DHCP scopes setup on the lcoal L3 switches. Connecting a laptop to the ports get the correct IPs from DHCP. 

I found the following in the setup guide:

NOTE: All DNS, DHCP, ARP, and HTTP traffic from an unauthenticated wireless client will be passed onto ZoneDirector from the AP via the management VLAN. If the client belongs to a particular VLAN, ZoneDirector will add the corresponding VLAN tag before passing traffic to the corresponding wired network. After client authentication is performed, client traffic will directly go to the wired network from the AP, which will add the corresponding VLAN tag. This explains why it is necessary to configure tagged VLANs for all VLAN switch ports connecting to ZoneDirector and APs

I understand this but how can i achive this across the Layer 3 boundaries as both sites use the same VLAN IDs 

Photo of Chris Griffiths

Chris Griffiths

  • 5 Posts
  • 0 Reply Likes

Posted 2 years ago

  • 1
Photo of Gerard

Gerard

  • 20 Posts
  • 1 Reply Like
What is the DHCP server address, and what scope is it in ? 
Photo of Chris Griffiths

Chris Griffiths

  • 5 Posts
  • 0 Reply Likes
Each subnet has a DHCP scope supplied by the L3 switch at that site. The APs obtain DHCP addresses from the correct DHCP scopes (same if i connect a laptop to the port.) It's only the wireless clients that get an incorrect IP. (from the management Vlan of the ZD)

DHCP server primary site 192.168.5.253
DHCP server secondary site  192.168.6.253
Photo of Gerard

Gerard

  • 20 Posts
  • 1 Reply Like
I'm not sure about this answer. Do you need to enable Option 43 ?
(Edited)
Photo of Chris Griffiths

Chris Griffiths

  • 5 Posts
  • 0 Reply Likes
No the APs have already joined the ZD. This is specifically an issue with Wireless clients and the DHCP IPs that they are obtaining.
Photo of Michael Brado

Michael Brado, Official Rep

  • 2114 Posts
  • 297 Reply Likes

ZoneDirector and APs consider VLAN 1 to be untagged.  If you could use a tagged VLAN for your clients and route between subnets, you'll eliminate the issues.  Otherwise, the problem is with the different subnets using the same (untagged) VLAN ID.


Photo of Gerard

Gerard

  • 20 Posts
  • 1 Reply Like
Guys. If I may inquire, and out of curiosity, what would you be looking for or, if you took a trace with wireshark.
Photo of Chris Griffiths

Chris Griffiths

  • 5 Posts
  • 0 Reply Likes
I understand that using tagged VLANs will resolve the issue at the site with the ZD however the remote side will have for instance VLAN 200 but this will not be visible to the ZD as it's at a different site. 
Photo of Monnat Systems

Monnat Systems, AlphaDog

  • 757 Posts
  • 161 Reply Likes
Chris, in above example if you create a VLAN200 and tag it to WLAN. this VLAN200 is local to the remote site or configured in L3 switch in remote site. correct?

If yes, as long as L3 switch is correctly configured then devices will correctly pull IP from correct range (192.168.6.X/24)

my 2 cents...
Photo of Monnat Systems

Monnat Systems, AlphaDog

  • 760 Posts
  • 163 Reply Likes
chris, i think what you are looking to do is one common SSID & key for both remote and ZD site AP's however users need to get correct IP from respective pools in their own site.

Can't you create a new VLAN (192.168.6.X/24) which you can tag it to ssid broadcasting "only" at remote site AP?

this way you can have devices pick IP from 192.168.6.X/24?
Photo of Chris Griffiths

Chris Griffiths

  • 5 Posts
  • 0 Reply Likes
I am going to do some testing in the next few days and i will report the findings. Thanks for the suggestions thus far.