9

I recently replaced wireless at a site from the internal AP on an 877-WM with a (standalone) 1262 running 15.2(2)JB. I've configured the AP pretty much the same as I always do for Cisco AP's for single SSID operation (single bridge domain, BVI1 also management), and things seem to work.

However on my laptop I have VMware running, and a guest with NIC set to bridged mode is unable to DHCP, however IPv6 works fine.

When searching for this problem I see a reference to a "ip-mac-binding disable" command on WLC setups, but can't find if that maps to a setting on a single AP.

The relevant part of the AP's configuration is:

dot11 ssid # Removed
   authentication open 
   authentication key-management wpa
   guest-mode
   mbssid guest-mode
   wpa-psk ascii # Removed
!
bridge irb
!
interface Dot11Radio0
 no ip address
 !
 encryption mode ciphers aes-ccm 
 !
 ssid # Removed
 !
 station-role root
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface Dot11Radio1
 # Pretty much the same as radio 0

interface GigabitEthernet0
 no ip address
 duplex auto
 speed auto
 no keepalive
 bridge-group 1
 bridge-group 1 spanning-disabled
 no bridge-group 1 source-learning
LapTop006
  • 1,743
  • 11
  • 24
  • 1
    When connected to other networks via wireless, or bridged to this same network with the 877 instead it works fine. – LapTop006 Jun 07 '13 at 11:31
  • If it works with the 877 wireless config, would you post that as well? Also what is your DHCP server? I have reproduced the issue on my standalone 3602E - can't received DHCP assigned IP (Cisco switch running DHCP for now), but static IPv4 works. – some_guy_long_gone Jun 07 '13 at 17:44
  • Wireless on the 877 is the same radio config as the 1262, bridged to a shared "LAN" BVI. The 877 is also the one doing DHCP. – LapTop006 Jun 07 '13 at 22:36
  • Is there any relevant message on the AP log by the time the VM is discovering/requesting DHCP? – Daniel Yuste Aroca Jun 20 '13 at 21:25
  • i have an 1941W with similar config and a VM in bridge mode works fine on it too. in this case though - my router is doing the DHCP and the AP is simply a L2 bridge... – knotseh Jun 23 '13 at 15:59
  • I was unable to recreate the issue in a lab, 8 port 2940 switch running DHCP with a 1262 connected. Single SSID/VLAN. IOS 15 on the 1262. Are you using more than one SSID? The mbssid command implies that you are (and my multiple SSID network at work has the same issue as you). Also which version of IOS on the AP? – some_guy_long_gone Jul 01 '13 at 21:30
  • 1
    Ok update: Multiple SSIDs with bridged VM: VM sends DHCP request, DHCP server receives request and sends reply, reply never reaches VM. Was able to see this using Wireshark and a SPAN port. Sindle SSID: no issues, VM works fine with bridged connection and receives DHCP assigned address. – some_guy_long_gone Jul 01 '13 at 22:10
  • I would suggest `debug packet` on the AP to see what it's doing with the reply. And wireshark on the laptop to see what its radio is actually seeing. @legioxi, what MACs are being seen by DHCP, and is the reply unicast or broadcast? – Ricky Jul 01 '13 at 22:38
  • I'll try that in a moment. The MAC is the VM MAC, Wireshark labels it as VMWare and separately my laptop on the wireless network appears as Apple. Reply is broadcast. Seems the broadcast isn't being relayed on the other side of the bridged connection. – some_guy_long_gone Jul 01 '13 at 23:13
  • OK, try disabling `block-unknown-source`. If that doesn't work, try enabling `unicast-flooding` (I have a 1242, but I doubt anyone has run VMs across it) – Ricky Jul 03 '13 at 21:31
  • Note: just tried this with my laptop using vmware workstation 9. the packets all have the wireless nic's MAC (DHCP request having the VM's MAC), and everything works. – Ricky Jul 04 '13 at 01:46
  • Ricky - block-unknown-source may not be disabled, and unicast-flooding may not be enabled on wireless interfaces – LapTop006 Jul 05 '13 at 10:51

3 Answers3

2

If you check the "sh ip dhcp bindings" table on the switch is a lease shown for the VMs MAC address? If so, the DHCP Discover is reaching the switch, and the broadcast Offer is being sent back, but dropped by the AP. Although it seems unrelated, this behavior can be caused when the the AP and client don't support the the same WMM QOS parameters. Try adding "[no] dot11 qos mode wmm" to the AP config.

smoothbSE
  • 386
  • 1
  • 6
2

I had the same problem and found a solution: enable DHCP relay agent on the AP and it works. Replace x.x.x.x with the IP address from your DHCP server (typically the Internet router located on the same network / broadcast domain.

interface BVI1
  ip dhcp relay information trusted
  ip address dhcp client-id GigabitEthernet0
  ip helper-address x.x.x.x
  no ip route-cache
!
Jan
  • 36
  • 1
0

I had a similar issue at work and my solution was to configure the VM to use NAT instead of bridged mode. The host machine will receive the actual IP address and then when the VM is spun up it tries to request a separate IP but the source MAC is the same. Switching the VM to NAT solved our problems.

drek
  • 136
  • 1
  • 3
  • Certain functions don't work using NAT. i.e. Running Linux/Mac with a Windows 8 VM that has Remote Server Admin Tools. Cannot manage a Hyper-V host remotely behind NAT. – some_guy_long_gone Jul 17 '13 at 00:56
  • Noted. We have not run any Windows 8 VM's. Mostly Windows 7 or Linux from a Mac as the host. – drek Jul 17 '13 at 01:44