Cisco WLC – DHCP Bridging Mode

January 2, 2016

This post contains quick notes about configuration a Cisco WLC 2106 (soft. ver. 7.0.240.0) for DHCP Bridging Mode. In this mode WLC does not offer DHCP internal server and does not relay DHCP requests to the specific DHCP external server. In this mode DHCP requests from any wireless clients are bridged to a wired network (where  DHCP server or DHCP relay agent should be placed).

Genaral configuration

Let’s say that you have the Guest WLAN mapped to the interguest Dynamic Interface.

AP Group

The Dynamic Interface is mapped to the VLAN 30 and Physical Interface number 3:

Dynamic Interface

Enable DHCP Bridging Mode

To enable DHCP Bridging Mode you have to disable DHCP Proxy (Controller -> Advanced -> DHCP). This option will disable Internal WLC DHCP server and disable relaying DHCP request to other specific DHCP servers (by WLC).

Enable Bridging mode

For this example: all DHCP requests from clients connected to WLAN Guest will be bridged to Physical Interface number 3 in VLAN 30.

Debug

You can debug DHCP from your WLC controller. In the following example my wireless-client (laptop) was assigned 10.30.100.210 IP address from DHCP server placed in wired network.

(Note: to debug only specific client use debug client MAC-address command).

(Cisco Controller) >
(Cisco Controller) >debug dhcp message enable
(Cisco Controller) >
(Cisco Controller) > (...)
(Cisco Controller) >
*DHCP Socket Task: Jan 02 15:24:10.787: 5c:93:a2:d0:54:14 DHCP received op BOOTREQUEST (1) (len 308,vlan 0, port 1, encap 0xec03)
*DHCP Socket Task: Jan 02 15:24:10.787: 5c:93:a2:d0:54:14 DHCP option len (including the magic cookie) 72
*DHCP Socket Task: Jan 02 15:24:10.787: 5c:93:a2:d0:54:14 DHCP option: message type = DHCP DISCOVER
*DHCP Socket Task: Jan 02 15:24:10.787: 5c:93:a2:d0:54:14 DHCP option: 61 (len 7) - skipping
*DHCP Socket Task: Jan 02 15:24:10.788: 5c:93:a2:d0:54:14 DHCP option: 12 (len 7) - skipping
*DHCP Socket Task: Jan 02 15:24:10.788: 5c:93:a2:d0:54:14 DHCP option: vendor class id = MSFT 5.0 (len 8)
*DHCP Socket Task: Jan 02 15:24:10.788: 5c:93:a2:d0:54:14 DHCP option: 55 (len 12) - skipping
*DHCP Socket Task: Jan 02 15:24:10.788: 5c:93:a2:d0:54:14 DHCP options end, len 72, actual 64
*DHCP Socket Task: Jan 02 15:24:10.788: 5c:93:a2:d0:54:14 DHCP processing DHCP DISCOVER (1)
*DHCP Socket Task: Jan 02 15:24:10.788: 5c:93:a2:d0:54:14 DHCP   op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 0
*DHCP Socket Task: Jan 02 15:24:10.788: 5c:93:a2:d0:54:14 DHCP   xid: 0xe8e954cb (3907605707), secs: 0, flags: 0
*DHCP Socket Task: Jan 02 15:24:10.789: 5c:93:a2:d0:54:14 DHCP   chaddr: 5c:93:a2:d0:54:14
*DHCP Socket Task: Jan 02 15:24:10.789: 5c:93:a2:d0:54:14 DHCP   ciaddr: 0.0.0.0,  yiaddr: 0.0.0.0
*DHCP Socket Task: Jan 02 15:24:10.789: 5c:93:a2:d0:54:14 DHCP   siaddr: 0.0.0.0,  giaddr: 0.0.0.0
*DHCP Socket Task: Jan 02 15:24:10.789: 5c:93:a2:d0:54:14 DHCP successfully bridged packet to DS
*DHCP Socket Task: Jan 02 15:24:13.916: 5c:93:a2:d0:54:14 DHCP received op BOOTREPLY (2) (len 307,vlan 30, port 3, encap 0xec00)
*DHCP Socket Task: Jan 02 15:24:13.916: 5c:93:a2:d0:54:14 DHCP option len (including the magic cookie) 71
*DHCP Socket Task: Jan 02 15:24:13.916: 5c:93:a2:d0:54:14 DHCP option: message type = DHCP OFFER
*DHCP Socket Task: Jan 02 15:24:13.916: 5c:93:a2:d0:54:14 DHCP option: server id = 10.30.0.101
*DHCP Socket Task: Jan 02 15:24:13.916: 5c:93:a2:d0:54:14 DHCP option: netmask = 255.255.0.0
*DHCP Socket Task: Jan 02 15:24:13.916: 5c:93:a2:d0:54:14 DHCP option: gateway = 10.30.0.1
*DHCP Socket Task: Jan 02 15:24:13.916: 5c:93:a2:d0:54:14 DHCP option: lease time = 60000 seconds
*DHCP Socket Task: Jan 02 15:24:13.916: 5c:93:a2:d0:54:14 DHCP option: 58 (len 4) - skipping
*DHCP Socket Task: Jan 02 15:24:13.916: 5c:93:a2:d0:54:14 DHCP option: 59 (len 4) - skipping
*DHCP Socket Task: Jan 02 15:24:13.916: 5c:93:a2:d0:54:14 DHCP option: 7 (len 4) - skipping
*DHCP Socket Task: Jan 02 15:24:13.916: 5c:93:a2:d0:54:14 DHCP option: 66 (len 11) - skipping
*DHCP Socket Task: Jan 02 15:24:13.916: 5c:93:a2:d0:54:14 DHCP options end, len 71, actual 64
*DHCP Socket Task: Jan 02 15:24:13.916: 5c:93:a2:d0:54:14 DHCP processing DHCP OFFER (2)
*DHCP Socket Task: Jan 02 15:24:13.916: 5c:93:a2:d0:54:14 DHCP   op: BOOTREPLY, htype: Ethernet, hlen: 6, hops: 0
*DHCP Socket Task: Jan 02 15:24:13.916: 5c:93:a2:d0:54:14 DHCP   xid: 0xe8e954cb (3907605707), secs: 0, flags: 0
*DHCP Socket Task: Jan 02 15:24:13.917: 5c:93:a2:d0:54:14 DHCP   chaddr: 5c:93:a2:d0:54:14
*DHCP Socket Task: Jan 02 15:24:13.917: 5c:93:a2:d0:54:14 DHCP   ciaddr: 0.0.0.0,  yiaddr: 10.30.100.210
*DHCP Socket Task: Jan 02 15:24:13.917: 5c:93:a2:d0:54:14 DHCP   siaddr: 10.30.0.101,  giaddr: 0.0.0.0
*DHCP Socket Task: Jan 02 15:24:13.917: 5c:93:a2:d0:54:14 DHCP   server id: 10.30.0.101  rcvd server id: 10.30.0.101
*DHCP Socket Task: Jan 02 15:24:13.917: 5c:93:a2:d0:54:14 DHCP successfully bridged packet to STA
*DHCP Socket Task: Jan 02 15:24:13.920: 5c:93:a2:d0:54:14 DHCP received op BOOTREQUEST (1) (len 327,vlan 0, port 1, encap 0xec03)
*DHCP Socket Task: Jan 02 15:24:13.920: 5c:93:a2:d0:54:14 DHCP option len (including the magic cookie) 91
*DHCP Socket Task: Jan 02 15:24:13.920: 5c:93:a2:d0:54:14 DHCP option: message type = DHCP REQUEST
*DHCP Socket Task: Jan 02 15:24:13.920: 5c:93:a2:d0:54:14 DHCP option: 61 (len 7) - skipping
*DHCP Socket Task: Jan 02 15:24:13.920: 5c:93:a2:d0:54:14 DHCP option: requested ip = 10.30.100.210
*DHCP Socket Task: Jan 02 15:24:13.920: 5c:93:a2:d0:54:14 DHCP option: server id = 10.30.0.101
*DHCP Socket Task: Jan 02 15:24:13.920: 5c:93:a2:d0:54:14 DHCP option: 12 (len 7) - skipping
*DHCP Socket Task: Jan 02 15:24:13.920: 5c:93:a2:d0:54:14 DHCP option: 81 (len 19) - skipping
*DHCP Socket Task: Jan 02 15:24:13.920: 5c:93:a2:d0:54:14 DHCP option: vendor class id = MSFT 5.0 (len 8)
*DHCP Socket Task: Jan 02 15:24:13.920: 5c:93:a2:d0:54:14 DHCP option: 55 (len 12) - skipping
*DHCP Socket Task: Jan 02 15:24:13.920: 5c:93:a2:d0:54:14 DHCP options end, len 91, actual 83
*DHCP Socket Task: Jan 02 15:24:13.920: 5c:93:a2:d0:54:14 DHCP processing DHCP REQUEST (3)
*DHCP Socket Task: Jan 02 15:24:13.920: 5c:93:a2:d0:54:14 DHCP   op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 0
*DHCP Socket Task: Jan 02 15:24:13.920: 5c:93:a2:d0:54:14 DHCP   xid: 0xe8e954cb (3907605707), secs: 0, flags: 0
*DHCP Socket Task: Jan 02 15:24:13.920: 5c:93:a2:d0:54:14 DHCP   chaddr: 5c:93:a2:d0:54:14
*DHCP Socket Task: Jan 02 15:24:13.921: 5c:93:a2:d0:54:14 DHCP   ciaddr: 0.0.0.0,  yiaddr: 0.0.0.0
*DHCP Socket Task: Jan 02 15:24:13.921: 5c:93:a2:d0:54:14 DHCP   siaddr: 0.0.0.0,  giaddr: 0.0.0.0
*DHCP Socket Task: Jan 02 15:24:13.921: 5c:93:a2:d0:54:14 DHCP   requested ip: 10.30.100.210
*DHCP Socket Task: Jan 02 15:24:13.921: 5c:93:a2:d0:54:14 DHCP   server id: 10.30.0.101  rcvd server id: 10.30.0.101
*DHCP Socket Task: Jan 02 15:24:13.921: 5c:93:a2:d0:54:14 DHCP successfully bridged packet to DS
*DHCP Socket Task: Jan 02 15:24:13.931: 5c:93:a2:d0:54:14 DHCP received op BOOTREPLY (2) (len 307,vlan 30, port 3, encap 0xec00)
*DHCP Socket Task: Jan 02 15:24:13.931: 5c:93:a2:d0:54:14 DHCP option len (including the magic cookie) 71
*DHCP Socket Task: Jan 02 15:24:13.931: 5c:93:a2:d0:54:14 DHCP option: message type = DHCP ACK
*DHCP Socket Task: Jan 02 15:24:13.931: 5c:93:a2:d0:54:14 DHCP option: server id = 10.30.0.101
*DHCP Socket Task: Jan 02 15:24:13.931: 5c:93:a2:d0:54:14 DHCP option: netmask = 255.255.0.0
*DHCP Socket Task: Jan 02 15:24:13.931: 5c:93:a2:d0:54:14 DHCP option: gateway = 10.30.0.1
*DHCP Socket Task: Jan 02 15:24:13.931: 5c:93:a2:d0:54:14 DHCP option: lease time = 60000 seconds
*DHCP Socket Task: Jan 02 15:24:13.931: 5c:93:a2:d0:54:14 DHCP option: 58 (len 4) - skipping
*DHCP Socket Task: Jan 02 15:24:13.931: 5c:93:a2:d0:54:14 DHCP option: 59 (len 4) - skipping
*DHCP Socket Task: Jan 02 15:24:13.931: 5c:93:a2:d0:54:14 DHCP option: 7 (len 4) - skipping
*DHCP Socket Task: Jan 02 15:24:13.931: 5c:93:a2:d0:54:14 DHCP option: 66 (len 11) - skipping
*DHCP Socket Task: Jan 02 15:24:13.931: 5c:93:a2:d0:54:14 DHCP options end, len 71, actual 64
*DHCP Socket Task: Jan 02 15:24:13.931: 5c:93:a2:d0:54:14 DHCP processing DHCP ACK (5)
*DHCP Socket Task: Jan 02 15:24:13.931: 5c:93:a2:d0:54:14 DHCP   op: BOOTREPLY, htype: Ethernet, hlen: 6, hops: 0
*DHCP Socket Task: Jan 02 15:24:13.931: 5c:93:a2:d0:54:14 DHCP   xid: 0xe8e954cb (3907605707), secs: 0, flags: 0
*DHCP Socket Task: Jan 02 15:24:13.931: 5c:93:a2:d0:54:14 DHCP   chaddr: 5c:93:a2:d0:54:14
*DHCP Socket Task: Jan 02 15:24:13.931: 5c:93:a2:d0:54:14 DHCP   ciaddr: 0.0.0.0,  yiaddr: 10.30.100.210
*DHCP Socket Task: Jan 02 15:24:13.931: 5c:93:a2:d0:54:14 DHCP   siaddr: 10.30.0.101,  giaddr: 0.0.0.0
*DHCP Socket Task: Jan 02 15:24:13.931: 5c:93:a2:d0:54:14 DHCP   server id: 10.30.0.101  rcvd server id: 10.30.0.101
*DHCP Socket Task: Jan 02 15:24:13.932: 5c:93:a2:d0:54:14 192.168.1.11 RUN (20) Skipping TMP rule add
*DHCP Socket Task: Jan 02 15:24:13.932: 5c:93:a2:d0:54:14 apfMsRunStateDec
*DHCP Socket Task: Jan 02 15:24:13.932: 5c:93:a2:d0:54:14 192.168.1.11 RUN (20) Change state to DHCP_REQD (7) last state RUN (20)
*DHCP Socket Task: Jan 02 15:24:13.932: 5c:93:a2:d0:54:14 In apfMsDhcpStateClear for station  ---
*DHCP Socket Task: Jan 02 15:24:13.932: 5c:93:a2:d0:54:14 apfMsRunStateInc
*DHCP Socket Task: Jan 02 15:24:13.932: 5c:93:a2:d0:54:14 10.30.100.210 DHCP_REQD (7) Change state to RUN (20) last state RUN (20)
*DHCP Socket Task: Jan 02 15:24:13.932: 5c:93:a2:d0:54:14 10.30.100.210 RUN (20) Reached PLUMBFASTPATH: from line 5359
*DHCP Socket Task: Jan 02 15:24:13.932: 5c:93:a2:d0:54:14 10.30.100.210 RUN (20) Replacing Fast Path rule
  type = Airespace AP Client
  on AP 00:21:d8:35:e9:60, slot 1, interface = 1, QOS = 0
  ACL Id = 255, Jumbo Frames = N
*DHCP Socket Task: Jan 02 15:24:13.932: 5c:93:a2:d0:54:14 10.30.100.210 RUN (20) Fast Path rule (contd...) 802.1P = 0, DSCP = 0, TokenID = 1506  IPv6 Vlan = 30, IPv6 intf id = 5
*DHCP Socket Task: Jan 02 15:24:13.932: 5c:93:a2:d0:54:14 10.30.100.210 RUN (20) Successfully plumbed mobile rule (ACL ID 255)
*DHCP Socket Task: Jan 02 15:24:13.932: 5c:93:a2:d0:54:14 Assigning Address 10.30.100.210 to mobile
*DHCP Socket Task: Jan 02 15:24:13.932: 5c:93:a2:d0:54:14 DHCP success event for client. Clearing dhcp failure count for interface interguest.
*DHCP Socket Task: Jan 02 15:24:13.933: 5c:93:a2:d0:54:14 DHCP successfully bridged packet to STA

Sources

  1. http://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/110865-dhcp-wlc.html#Internal-DHCP

Leave a Reply

Your email address will not be published. Required fields are marked *