Failure of dhcp server failover

Simon Hobson dhcp1 at thehobsons.co.uk
Mon May 2 17:57:23 UTC 2016


Eugene Grosbein <eugen at grosbein.net> wrote:

> My UniFi APs run with UniFi Controller 3.2.10

That is pretty ancient - there have been a LOT of improvements since (and new firmware for some of the APs). Unless there's been an update released in the last few days, 4.8.15 is current.

> and Captive Portal/HotSpot enabled.

Ah, we're not using that.

> They request IP within untagged management VLAN and another IP within WLAN-assigned tagged vlan.
> The Captive Portal does not work if AP cannot obtain IP from the same IP subnet as its wifi clients use.

I'll check that out sometime when I've a bit of spare time.


Eugene Grosbein <eugen at grosbein.net> wrote:

> My Cicso router is separating VLANs and relay works per-VLAN. These are just "ip unnumbered" vlans:
> 
> interface Loopback2
> description "DHCP default gateway"
> ip address 31.220.160.2 255.255.255.255
> no ip redirects
> !
> interface Vlan1000
> description "DHCP Guest"
> ip unnumbered Loopback2
> ip helper-address X.X.X.X
> ip helper-address Y.Y.Y.Y
> ip verify unicast source reachable-via rx

That is broken. For DHCP to work properly, you **MUST** have the GI-Addr within the subnet served by the interface on the relay agent - using an un-numbered interface is pretty well guaranteed not to work properly.

Once you've fixed that, unless you need the APs to have specific addresses*, you can remove all the fudges and they'll "just work".

* And if you do, you can just do :
host ap1 {
  hardware ethernet ....
  fixed-address a.b.c.d, e.f.g.h, i.j.k.l, ...
}
and for each network, the AP will be given an IP address appropriate to the subnet.



More information about the dhcp-users mailing list