Cisco APs Ignoring DHCP Option 43 and Using CAPWAP UDP Broadcasts

ciscodhcpieee 802.11wirelesswlc

Background
I am trying to redeploy Cisco 1242 LWAPs on new Cat4507R+E switches, which means the IP address of the WLC is changing for that LWAP. For some reason, I have to configure ip helper-addresses on my AP vlan to jumpstart communication between my Cisco AP1242 APs and the WLC; I have DHCP (with Option 43) on the AP Vlan, but I don't know why the AP is ignoring the DHCP Option.

DHCP runs on Cisco 4507R+E switches… The switches are configured with DHCP Option 43 (Single WLC address: 10.19.3.209 / hex: 0a13.03d1) and Option 60…

ip dhcp pool lwap_v99
 network 10.1.1.0 255.255.255.0
 default-router 10.1.1.254
 dns-server 10.19.26.225
 option 43 hex f104.0a13.03d1
 option 60 ascii "Cisco AP c1240"
!

The AP is getting a DHCP address…

WL-DST2#sh ip dhcp bind
Bindings from all pools not associated with VRF:
IP address          Client-ID/              Lease expiration        Type
                    Hardware address/
                    User name
10.1.1.17           0158.8d09.03ec.de       Jun 28 2013 03:07 AM    Automatic
WL-DST2#

Using wireshark on Supervisor 7, I can see that the APs are ignoring Option 43; instead, the APs (for example, 10.1.1.17) are broadcasting CAPWAP packets and never send a unicast request…

WL-DST2#sh monitor capture file bootflash:mycap.pcap | i CAPWAP
681 597.979997    10.1.1.17 -> 10.19.26.225 DNS Standard query A CISCO-CAPWAP-CONTROLLER
684 600.977998    10.1.1.17 -> 10.19.26.225 DNS Standard query A CISCO-CAPWAP-CONTROLLER
689 603.977998    10.1.1.17 -> 10.19.26.225 DNS Standard query A CISCO-CAPWAP-CONTROLLER
705 615.975999    10.1.1.17 -> 255.255.255.255 CAPWAP CAPWAP-Control - Discovery Request
715 625.974001    10.1.1.17 -> 255.255.255.255 CAPWAP CAPWAP-Control - Discovery Request
728 635.970995    10.1.1.17 -> 255.255.255.255 CAPWAP CAPWAP-Control - Discovery Request

I validated that DHCP is offering Option 43 in the DHCP Offer message…

Option: (t=43,l=13) Vendor-Specific Information
    Option: (43) Vendor-Specific Information
    Length: 13

I tried setting both option 43 ascii "10.19.3.209" and option 43 hex f104.0a13.03d1… both of these are ignored by the AP. I also tried [hard-resetting the AP with the mode button].

Workaround for non-functional DHCP Option 43 & 60
At this point, the only thing that makes the AP talk to the WLC is a helper-address (for udp/5246 & udp/5247) on the Vlan…

!
interface Vlan99
 ip address 10.1.1.252 255.255.255.0
 ip helper-address 10.19.3.209      <------
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 standby 99 ip 10.1.1.254
!
ip forward-protocol udp 5246        <------
ip forward-protocol udp 5247        <------

Question

How do I use DHCP to make these APs use unicast packets to initiate CAPWAP with the WLC? FWIW, I don't want to use DNS to direct the APs to the WLC.

Version information for the AP / WLC system…

(Cisco Controller) >show ap config general AP588d.0903.ecde
...
S/W  Version .................................... 7.3.101.0
Boot  Version ................................... 12.4.13.0

The 4507R+E switches are running IOS-XE 3.4.0SG

Best Answer

Cisco LWAPs will do this process in order to try and find a controller:

CAPWAP broadcast on the local subnet
Check NVRAM for previous controllers/mobility groups and try those.
OTAP (remove now though)
DHCP Option 43/60
DNS Lookup for "CISCO-CAPWAP-CONTROLLER.localdomain"

If the controllers are on the local subnet, then it will find those via broadcast, if you have an IP helper pointing to the controller as well as ip forward-protocol on 5246/12223 it will find it that way too.

The APs also keep previously joined controllers in NVRAM, and will connect to those before option 43.

Note that these will happen in this order! I had an issue installing a new WLAN whilst a legacy WLAN was in use, and the IT guy had plugged in some of the APs, so they were going to the WLCs in their NVRAM instead of using option 43 like I had wanted. I factory reset on the APs solved this however.

Reference is here (quite old): http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a00806c9e51.shtml

Related Solutions

Cisco – AP’s at remote faciltiy will not join local controller

I cannot tell you exactly what is happening without looking at the configs of the Switches and the WLC you have as I can think of a number of possibilities. For me, it'd be helpful to have that information but more so, the things that you've done. Basically, what are the items you've tried thus far?

SW-A: 10.133.55.1 <---TRUNK---> SW-B: 10.133.55.2

WLC-4404 10.128.55.10

First thoughts though are as follows:

1.) Who is able to ping the WLC? a.) no one = check the interface on the switch and the WLC interface config, any firewalls b.) same subnet, 10.128.55.0/24, but no other subnets = check routing c.) all subnets on one switch but not from another switch = check trunk on SW-A & SW-B

2.) AP and WLC are able to ping each other but AP not showing up in WLC a.) check DHCP has the proper option 43 (Vendor Specific Info) set which tells the AP what IP the WLC is. b.) check any firewalls inbetween c.) create new interface on WLC with the same VLAN subnet as the AP and test d.) enable ssh on the AP and do a show log to see if anything peculiar sticks out

3.) You've checked all possibilities and as the config stands everything should work a.) reload the switches, AP's, WLC b.) pull out the configuration and put the configuration back in specific to the issue c.) try a different interface on the switch for the WLC d.) try a different interface on the WLC (maybe create a new one) e.) get on Cisco.com and use the bugtoolkit to see what bugs are out there for your particular WLC version. f.) upgrade the WLC version a revision up and test.

I realize that some of my ideas are not really applicable, but I'm just throwing some ideas out there to maybe help give a new perspective on the problem. I've found just taking a break to think about something else and then coming back helps me.

Cisco Wireless – Staging Many Lightweight APs for Deployment

I would like to setup some sort of staging/prep area for pre-configuring the new access points, conducting inventory, tagging with asset tags, sorting AP by final deployment area, and so on.

In setting up this staging area, is there a better way to prime these AP's quickly and easily? Or are we already doing this in the most efficient manner?

NOTE: I am assuming you're already familiar with loading MIBs on a Windows / Linux machine, and using snmpwalk / snmpset... if not, please let me know

I recently discovered how well you can manage Cisco's LWAPs through the AIRESPACE-WIRELESS-MIB, in fact I have mostly forsaken our WCS in favor of managing our LWAPs with the MIB (we have a couple hundred LWAPs spread across multiple WLCs at our facility).

Since you know Perl, you could write a loop to poll your WLCs for the new LWAPs; then the script reacts accordingly when it sees a new LWAP mac-address on a WLC.

Loop through a list of all controllers, then poll the LWAPs on each controller with bsnAPEthernetMacAddress (ro). Use the mac-address as the unique identifying key for all activity on this LWAP.
When you see a new LWAP, print the discovery time / mac-address of the LWAP; then ask the user what hostname / location to assign to this LWAP
Optionally perform bsnAPClearConfig (rw) using snmpset (note 255.254.253.252.251.250 is the hexidecimal index to bsnAPTable translated into decimal octets); setting bsnAPClearConfig will immediately reboot the LWAP:
```
snmpset -v 2c -OXsq -c private -m AIRESPACE-WIRELESS-MIB <WLC_IP> \
  bsnAPClearConfig.255.254.253.252.251.250 integer 1
```
Assign bsnAPName (rw), bsnAPPrimaryMwarName (rw), bsnAPSecondaryMwarName (rw) using snmpset
Get the bsnAPSerialNumber (ro); save it to a CSV file along with bsnAPEthernetMacAddress (ro), bsnAPName (rw), bsnAPPrimaryMwarName (rw), and bsnAPSecondaryMwarName (rw)
Reset the LWAP if required with bsnAPReset (rw)

Using SNMP to manage LWAPs has been helpful, since I can automatically react to changes in LWAP to WLC mappings, as well as when an AP drops offline or gets large error / user counts. I usually poll them all every 15 minutes and record who is on them, as well as recording what LWAPs are on each controller. The WLC is powerful, but I like building custom-reaction scripts and reports.

Best Answer

Related Solutions

Cisco – AP’s at remote faciltiy will not join local controller

Cisco Wireless – Staging Many Lightweight APs for Deployment

Related Topic