H3C总代理商,华为代理商欢迎您!
官方微信 设为首页 联系方式

全国咨询服务电话

15378180513 

企业新闻

联系我们

客户至上

成都达锐斯科技有限公司
地址:成都市武候区人民南路4段53号嘉云台丙栋7楼

电话:15378180513

联系人:

邮箱:3511891@qq.com

官网:http://cdh3c.com

企业新闻

当前位置: 首页>>企业新闻

分享一个DHCP中继的案例

       某客户反馈无线控制器加瘦AP组网下,DHCP服务器Windows Server,无线控制器做DHCP中继,为终端分配地址,终端连接到SSID下后出现部分终端获取不到地址的问题。

  原因分析:

  通过一线反馈现场无线控制器配置,以及现场情况,发现问题现象主要出现在移动终端(苹果、安卓手机、平板)上,笔记本终端获取地址均正常。

  由于DHCP协议较为简单,且设备上运行一直正常,首先检查相关配置。

  dhcp relay server-group 1 ip 10.154.73.11

  dhcp relay server-group 1 ip 10.154.73.12

  #

  wlan vlan-pool vp1

  vlan-id 405 to 406

  #

  interface Vlan-interface405

  ip address 10.154.97.253 255.255.255.0

  dhcp select relay

  dhcp relay server-select 1

  #

  interface Vlan-interface406

  ip address 10.154.98.253 255.255.255.0

  dhcp select relay

  dhcp relay server-select 1

  #

  interface WLAN-ESS1

  port link-type hybrid

  undo port hybrid vlan 1

  port hybrid vlan 200 405 to 406 untagged

  port hybrid pvid vlan 200

  mac-vlan enable

  #

  wlan service-template 1 clear

  ssid zjzyhx

  bind WLAN-ESS 1

  service-template enable

  #

  wlan ap zhwgcs model WA2620i-AGN id 1

  serial-id 219801A0CMC156000206

  radio 1

  service-template 1

  radio 2

  service-template 1 vlan-pool vp1

  radio enable

  #

  检查发现配置无异常,皆为基本配置,且PC机获取正常,说明基本的数据链路是没有问题的,于是搜集相关的debug信息。

  debug dhcp relay all

  发现手机终端(MAC地址38f8-8937-bfd1)

  From client to server (Server-group 1):

  Message type: request

  Hardware type: 1, Hardware address length: 6

  Hops: 1, Transaction ID: 1128803385

  Seconds: 29, Broadcast flag: 0

  Client IP address: 0.0.0.0 Your IP address: 0.0.0.0

  Server IP address: 0.0.0.0 Relay agent IP address: 10.154.98.253

  Client hardware address: 38f8-8937-bfd1

  Server host name: Not Configured, Boot file name: Not Configured

  DHCP message type: DHCP Discover

  *Aug 17 14:27:41:162 2015 WX3024E_AC DHCPR/7/DHCPR_DEBUG_EVENT:

  Pkt Sent: send request interface Vlan-interface406, dest IP: 10.154.73.11,

  chardAddr: 38f8.8937.bfd1, server-group: 1.

  *Aug 17 14:27:41:162 2015 WX3024E_AC DHCPR/7/DHCPR_DEBUG_EVENT:

  Pkt Sent: send request interface Vlan-interface406, dest IP: 10.154.73.12,

  chardAddr: 38f8.8937.bfd1, server-group: 1.

  *Aug 17 14:27:41:164 2015 WX3024E_AC DHCPR/7/DHCPR_DEBUG_EVENT:

  Begin to deal with DHCP Offer packet.

  *Aug 17 14:27:41:164 2015 WX3024E_AC DHCPR/7/DHCPR_DEBUG_PACKET:

  Rx, DHCP reply packet, interface Vlan-interface406.

  *Aug 17 14:27:41:165 2015 WX3024E_AC DHCPR/7/DHCPR_DEBUG_PACKET:

  From server to client (Server-group 1):

  Message type: reply

  Hardware type: 1, Hardware address length: 6

  Hops: 0, Transaction ID: 1128803385

  Seconds: 0, Broadcast flag: 0

  Client IP address: 0.0.0.0 Your IP address: 10.154.99.132

  Server IP address: 0.0.0.0 Relay agent IP address: 10.154.98.253

  Client hardware address: 38f8-8937-bfd1

  Server host name: Not Configured, Boot file name: Not Configured

  DHCP message type: DHCP Offer

  *Aug 17 14:27:41:165 2015 WX3024E_AC DHCPR/7/DHCPR_DEBUG_EVENT:

  First VLAN ID of reply packets to client is 406.

  *Aug 17 14:27:41:165 2015 WX3024E_AC DHCPR/7/DHCPR_DEBUG_EVENT:

  Pkt Sent: send reply interface Vlan-interface406, dest IP: 10.154.99.132,

  chardAddr: 38f8.8937.bfd1, server-group: 1.

  Debug信息中可以看出,无线控制器上中继功能完整的完成了中继流程,并且在较后一步debug信息中显示

  Pkt Sent: send reply interface Vlan-interface406, dest IP: 10.154.99.132,

  chardAddr: 38f8.8937.bfd1, server-group: 1.

  即无线控制器已经向该地址发送DHCP reply报文,并且走的vlan端口也是vlan406,为该终端所在vlan中。

  查看PC的地址获取过程中的debug信息:

  *Aug 17 14:28:59:719 2015 WX3024E_AC DHCPR/7/DHCPR_DEBUG_EVENT:

  Begin to deal with DHCP Request packet.

  *Aug 17 14:28:59:719 2015 WX3024E_AC DHCPR/7/DHCPR_DEBUG_PACKET:

  Rx, DHCP request packet, interface Vlan-interface405.

  *Aug 17 14:28:59:720 2015 WX3024E_AC DHCPR/7/DHCPR_DEBUG_PACKET:

  From client to server (Server-group 1):

  Message type: request

  Hardware type: 1, Hardware address length: 6

  Hops: 1, Transaction ID: 1738251759

  Seconds: 1024, Broadcast flag: 1

  Client IP address: 10.154.99.9 Your IP address: 0.0.0.0

  Server IP address: 0.0.0.0 Relay agent IP address: 10.154.97.253

  Client hardware address: e006-e6ce-36b8

  Server host name: Not Configured, Boot file name: Not Configured

  DHCP message type: DHCP Request

  *Aug 17 14:28:59:720 2015 WX3024E_AC DHCPR/7/DHCPR_DEBUG_EVENT:

  Pkt Sent: send request interface Vlan-interface405, dest IP: 10.154.73.11,

  chardAddr: e006.e6ce.36b8, server-group: 1.

  *Aug 17 14:28:59:720 2015 WX3024E_AC DHCPR/7/DHCPR_DEBUG_EVENT:

  Pkt Sent: send request interface Vlan-interface405, dest IP: 10.154.73.12,

  chardAddr: e006.e6ce.36b8, server-group: 1.

  *Aug 17 14:28:59:728 2015 WX3024E_AC DHCPR/7/DHCPR_DEBUG_EVENT:

  Begin to deal with DHCP Ack packet.

  *Aug 17 14:28:59:728 2015 WX3024E_AC DHCPR/7/DHCPR_DEBUG_PACKET:

  Rx, DHCP reply packet, interface Vlan-interface405.

  *Aug 17 14:28:59:728 2015 WX3024E_AC DHCPR/7/DHCPR_DEBUG_PACKET:

  From server to client (Server-group 1):

  Message type: reply

  Hardware type: 1, Hardware address length: 6

  Hops: 0, Transaction ID: 1738251759

  Seconds: 0, Broadcast flag: 1

  Client IP address: 10.154.99.9 Your IP address: 10.154.99.9

  Server IP address: 0.0.0.0 Relay agent IP address: 10.154.97.253

  Client hardware address: e006-e6ce-36b8

  Server host name: Not Configured, Boot file name: Not Configured

  DHCP message type: DHCP Ack

  *Aug 17 14:28:59:729 2015 WX3024E_AC DHCPR/7/DHCPR_DEBUG_EVENT:

  First VLAN ID of reply packets to client is 405.

  *Aug 17 14:28:59:729 2015 WX3024E_AC DHCPR/7/DHCPR_DEBUG_EVENT:

  Pkt Sent: send reply interface Vlan-interface405, dest IP: 255.255.255.255,

  chardAddr: e006.e6ce.36b8, server-group: 1.

  发现交互流程的信息只有Broadcast flag: 1该位有区别。

  又在debug信息中发现了

  *Aug 17 14:29:09:833 2015 WX3024E_AC DHCPR/7/DHCPR_DEBUG_PACKET:

  From server to client (Server-group 1):

  Message type: reply

  Hardware type: 1, Hardware address length: 6

  Hops: 0, Transaction ID: 1077829468

  Seconds: 0, Broadcast flag: 0

  Client IP address: 10.154.99.9 Your IP address: 10.154.99.9

  Server IP address: 0.0.0.0 Relay agent IP address: 10.154.97.253

  Client hardware address: e006-e6ce-36b8

  Server host name: Not Configured, Boot file name: Not Configured

  DHCP message type: DHCP Ack

  即PC终端也发送过Broadcast flag为0的报文,且该种情况下也是获取异常。

  现象明了,即Broadcast flag位置零的终端获取异常(单播),Broadcast flag位置一的DHCP 中继流程正常(广播)。

  查看RFC2131可知DHCP ACK报文“broadcast or unicast, based on bootp flags.”而debug信息中,无线控制器回应的ACK报文该位与终端要求的均一一对应,不存在问题。

  由于debug信息中显示已经向问题终端发送ACK报文,于是协调AP AC间抓包。发现报文确实没有发送到AP。

  继续排查,在无线控制器内联口抓包发现单播ACK报文出现在了,内联口且未做LWAPP封装,即该报文走向了有线口,进一步查看配置。

  发现业务vlan 405 406三层接口配置:

  #

  interface Vlan-interface405

  ip address 10.154.97.253 255.255.255.0

  dhcp select relay

  dhcp relay server-select 1

  #

  interface Vlan-interface406

  ip address 10.154.98.253 255.255.255.0

  dhcp select relay

  dhcp relay server-select 1

  分别为10.154.98.0/24 10.154.98.0/24网段,而debug中终端拿到的地址是Client IP address: 10.154.99.9 Your IP address: 10.154.99.9

  10.154.99.0/24网段,随即向客户询问配置缘由,经了解,客户在有线网关上有相应的portal认证,设备在没有过认证之前,获取的是10.154.99.0/24网段地址,现场确实有该需求。

  至此,原因查明,手机终端DHCP报文广播位置为0,即请求服务器单播回应。

  PC机会分别尝试单播广播两种方式。当请求单播时,由于设备上没有相应的(10.154.99.0/24网段)三层接口,于是ACK的单播报文走默认路由,走无线内联口发出,所以终端没有收到报文。

  根据问题发生的原因,在业务vlan 405 406下配置(10.154.99.0/24网段)子地址,问题解决。

  解决办法:

  在业务vlan 405 406下配置(10.154.99.0/24网段)子地址,问题解决。

  建议与总结:

  在做DHCP中继的情况下,业务vlan较好有跟终端相同的网段地址。

  在业务vlan 405 406下配置(10.154.99.0/24网段)子地址,问题解决。

友情链接

新华三集团 思科

公司地址

ADDRESS

成都市武候区人民南路4段53号嘉云台丙栋7楼

服务电话

HOTTELEPHONE
  • 15378180513
公司简介
产品展示
H3C交换机
H3C路由器
思科交换机
思科路由器
华为交换机
企业新闻
技术文档
  • 扫一扫,加微信

Copyright © 2023 达锐斯科技 川公网安备 51010802000119号 XML地图

蜀ICP备2020034250号-1 技术支持: 网站模板