Frame Tagging

Lamar Milligan lmilligan at co.walton.ga.us
Fri Aug 2 12:45:43 UTC 2013 

I had this (or a similar) problem several years ago when I first started
using vlans on my network.  My dhcpd service was seeing multiple requests
from each client.  I added ip helper addresses on each vlan, directing the
requests to the dhcp server.  The switch inserts the ip address of its
interface on the client subnet in the packet.  The dhcp server uses that to
respond with valid config options for the client.  The relevant
configuration for my (HP Procurve) switch looks like this:

vlan 1
	ip helper-address 192.168.1.1 # IP address of the dhcp server
	exit
vlan 2
	ip helper-address 192.168.1.1 # IP address of the dhcp server
	exit

and so on

Hope this helps,

Lamar Milligan


> -----Original Message-----
> From: dhcp-users-bounces+lmilligan=co.walton.ga.us at lists.isc.org
[mailto:dhcp-
> users-bounces+lmilligan=co.walton.ga.us at lists.isc.org] On Behalf Of George
S.
> Sent: Thursday, August 01, 2013 10:25 AM
> To: dhcp-users at lists.isc.org
> Subject: Frame Tagging
> 
> I'm using DHCP 4.2.5 on a linux machine running kernel version 3.7.10
> 
> I've got the eth0 interface setup using Frame Tagging.  I've got a
secondary
> interface eth0.2 running the network 172.22.0.0. There is only one
physical network.
> The frame tagging is getting done by a wifi access point. Anything coming
over
> the open wifi network should be coming in with the frame tagged for id 2.
The
> problem is that DHCP seems to be doing things wrong. It's looking to me
like it's
> ignoring the frame tagging and it's processing the DHCP request on both
> interfaces. So, I'm getting people from the public wifi on the wrong
network.
> 
> I've searched and looked through old messages on this topic, but I've
never found
> anything that looked like either a solution or a definitive pronouncement
that it just
> can't work.
> 
> I've looked through the docs and I saw the comment about frame tagging and
> vconfig. I implemented that but it makes no difference.
> 
> Here are some messages in my log:
> 
> 2013-07-22T13:17:29.121349-06:00 server dhcpd: DHCPOFFER on
> 172.22.13.223 to 84:29:99:7c:7e:fa (Karas-iPhone) via eth0.2
> 2013-07-22T13:17:29.121389-06:00 server dhcpd: DHCPOFFER on 10.1.10.95 to
> 84:29:99:7c:7e:fa (Karas-iPhone) via eth0
> 2013-07-22T13:17:30.202147-06:00 server dhcpd: DHCPREQUEST for
> 172.22.13.223 (172.22.0.32) from 84:29:99:7c:7e:fa (Karas-iPhone) via
eth0.2
> 2013-07-22T13:17:30.202381-06:00 server dhcpd: DHCPACK on 172.22.13.223 to
> 84:29:99:7c:7e:fa (Karas-iPhone) via eth0.2
> 2013-07-22T13:17:30.202594-06:00 server dhcpd: DHCPREQUEST for
> 172.22.13.223 (172.22.0.32) from 84:29:99:7c:7e:fa (Karas-iPhone) via
> eth0: wrong network.
> 2013-07-22T13:17:30.202753-06:00 server dhcpd: DHCPNAK on 172.22.13.223 to
> 84:29:99:7c:7e:fa via eth0
> 
> 
> 
> Here's my dhcpd.conf
> 
> authoritative;
> option domain-search "crossingchurch.org", "wcon.org", "private.wcon.org";
ddns-
> update-style interim; deny client-updates;
> 
> log-facility local7;
> 
> 
> key DHCP_UPDATER {
> 	algorithm hmac-md5;
> 	secret "1hamjDWV1PIwTdmwRfLjezhrxkTpm1RqRAXaecLJ548=";
> }
> 
> zone private.wcon.org {
> 	primary 127.0.0.1;
> 	key DHCP_UPDATER;
> }
> 
> zone 10.1.10.in-addr.arpa {
> 	primary 127.0.0.1;
> 	key DHCP_UPDATER;
> }
> 
> host sign.private.wcon.org {
> 	hardware ethernet 00:20:4a:8e:e2:8c;
> 	fixed-address 10.1.10.40;
> }
> 
> subnet 10.1.10.0 netmask 255.255.255.0 {
> 	option domain-name "private.wcon.org";
> 	ddns-updates on;
> 	option domain-name-servers 10.1.10.32;
> 	option routers 10.1.10.1;
> 	option ntp-servers 10.1.10.32;
> 	range 10.1.10.64 10.1.10.254 ;
> 	default-lease-time 252900;
> 	max-lease-time 252900;
> 	option netbios-name-servers 10.1.10.32; }
> 
> subnet 172.22.0.0 netmask 255.255.0.0 {
> 	option domain-name "pubwifi.crossingchurch.org";
> 	ddns-updates off;
> 	option domain-name-servers 172.22.0.32;
> 	option routers 172.22.0.32;
> 	option ntp-servers 172.22.0.32;
> 	range 172.22.2.0 172.22.254.254 ;
> 	default-lease-time 43200;
> 	max-lease-time 43200;
> }
> 
> 
> 
> 
> --
> George Sexton
> MH Software, Inc.
> 303 438-9585
> http://www.mhsoftware.com/
> 
> 
> 
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
> 
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.

More information about the dhcp-users mailing list