Tuesday, March 6, 2018

Unroutable DHCP offer

So, I'm trying to make DHCP do something that DHCP doesn't do, and I want to make DHCP do the something that it doesn't ...

 

I have an access point (Aerohive) connected to a trunk interface on an L3 switch (Brocade/Ruckus/whatevertheyaretoday), with the SSID configured on the AP to bridge to vlan10 on the switch. The switch has an L3 interface on vlan10, but also on the corporate vlan (vlan20).

When a client connects to the AP and authenticates, the DHCP request from the client is bridged to vlan10, hits the L3 interface on the switch, which has a DHCP pool configured on the same range and allocates an address ... all good ...

 

Now ... I want to move the DHCP server away from the switch, and have addresses issued from an ISC DHCP Debian instance elsewhere on the corporate LAN (vlan20).

I've changed the configuration on the switch to relay the initial DHCP discover to the new server, which it correctly does; however, the DHCP offer is then unicast back to the L3 address on vlan10, which is not routable on the corporate vlan, so it obviously never makes it back to the client.
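The relayed exchange above, replayed as an added worked example (my code, not anything from this post, the switch, or ISC dhcpd). It encodes and decodes the fixed BOOTP header and TLV options so you can see the two things the relay changes (giaddr and hops) and the two things the server does with giaddr (pick the subnet, and address the OFFER to it, per RFC 2131 §4.3.1). Every address is an assumption for illustration: 10.10.0.1 stands in for the switch's vlan10 interface, 10.10.0.0/24 for the wireless pool, 10.20.0.5 for the dhcpd host on vlan20, and CORPORATE_ROUTES for what a host on vlan20 can reach.

```python
"""Added example, not code from the original post: a minimal BOOTP/DHCP
encoder/decoder that replays the relayed DISCOVER/OFFER exchange and shows
why the OFFER is addressed to the relay's vlan10 address.  All addresses,
the pool and the route table are assumptions for illustration.
"""
import struct
import ipaddress

BOOTP_FMT = "!BBBBIHH4s4s4s4s16s64s128s"   # RFC 951 fixed header, 236 bytes
MAGIC = b"\x63\x82\x53\x63"                 # RFC 2132 option magic cookie
BOOTREQUEST, BOOTREPLY = 1, 2
DHCPDISCOVER, DHCPOFFER = 1, 2
OPT_MSG_TYPE, OPT_SERVER_ID, OPT_END = 53, 54, 255

RELAY_GIADDR = "10.10.0.1"      # assumed: the switch's L3 interface on vlan10
SERVER_IP = "10.20.0.5"         # assumed: dhcpd on the corporate vlan (vlan20)
POOLS = {ipaddress.ip_network("10.10.0.0/24"): "10.10.0.50"}  # assumed subnet -> next lease
CORPORATE_ROUTES = [ipaddress.ip_network("10.20.0.0/24")]     # assumed: no route to 10.10/24


def _ip(s):
    return ipaddress.ip_address(s).packed


def build(op, xid, chaddr, msg_type, hops=0, giaddr="0.0.0.0",
          yiaddr="0.0.0.0", flags=0x8000, extra=b""):
    """Encode one DHCP message; flags=0x8000 is the client's broadcast bit."""
    hdr = struct.pack(BOOTP_FMT, op, 1, 6, hops, xid, 0, flags,
                      _ip("0.0.0.0"), _ip(yiaddr), _ip("0.0.0.0"), _ip(giaddr),
                      chaddr.ljust(16, b"\x00"), b"\x00" * 64, b"\x00" * 128)
    return hdr + MAGIC + bytes([OPT_MSG_TYPE, 1, msg_type]) + extra + bytes([OPT_END])


def parse(pkt):
    """Decode the header fields this walkthrough uses plus the TLV options."""
    f = struct.unpack(BOOTP_FMT, pkt[:236])
    if pkt[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    opts, i = {}, 240
    while i < len(pkt) and pkt[i] != OPT_END:
        if pkt[i] == 0:                       # pad option
            i += 1
            continue
        code, ln = pkt[i], pkt[i + 1]
        opts[code] = pkt[i + 2:i + 2 + ln]
        i += 2 + ln
    return {"op": f[0], "hops": f[3], "xid": f[4], "flags": f[6],
            "yiaddr": str(ipaddress.ip_address(f[8])),
            "giaddr": str(ipaddress.ip_address(f[10])),
            "chaddr": f[11][:f[2]], "msg_type": opts[OPT_MSG_TYPE][0]}


def client_discover(xid, mac):
    """Wireless client on vlan10: broadcast DISCOVER with giaddr zero."""
    return ("255.255.255.255", build(BOOTREQUEST, xid, mac, DHCPDISCOVER))


def relay_to_server(pkt, relay_if_addr, server):
    """Relay agent (the switch's vlan10 interface): put the address of the
    interface the request arrived on into giaddr if it is still zero, bump
    hops, and unicast the request to the configured server."""
    p = parse(pkt)
    giaddr = p["giaddr"] if p["giaddr"] != "0.0.0.0" else relay_if_addr
    out = build(p["op"], p["xid"], p["chaddr"], p["msg_type"],
                hops=p["hops"] + 1, giaddr=giaddr, flags=p["flags"])
    return (server, out)


def server_offer(pkt, server_ip=SERVER_IP, pools=POOLS):
    """Server side: giaddr, not the IP source, selects the subnet, and when
    giaddr is non-zero the OFFER goes to giaddr on port 67 (RFC 2131 4.3.1)."""
    p = parse(pkt)
    gi = ipaddress.ip_address(p["giaddr"])
    lease = next(addr for net, addr in pools.items() if gi in net)
    offer = build(BOOTREPLY, p["xid"], p["chaddr"], DHCPOFFER, hops=p["hops"],
                  giaddr=p["giaddr"], yiaddr=lease, flags=p["flags"],
                  extra=bytes([OPT_SERVER_ID, 4]) + _ip(server_ip))
    dst = p["giaddr"] if gi != ipaddress.ip_address("0.0.0.0") else "255.255.255.255"
    return (dst, offer)


def routable(dst, routes=CORPORATE_ROUTES):
    """Model of the post's problem: can a host on vlan20 reach dst at all?"""
    return any(ipaddress.ip_address(dst) in net for net in routes)


if __name__ == "__main__":
    mac = bytes.fromhex("001122334455")               # constructed client MAC
    _, disc = client_discover(0x1234, mac)
    dst, relayed = relay_to_server(disc, RELAY_GIADDR, SERVER_IP)
    print("relay  ->", dst, "giaddr", parse(relayed)["giaddr"])
    dst, offer = server_offer(relayed)
    print("server ->", dst, "yiaddr", parse(offer)["yiaddr"],
          "reachable from vlan20:", routable(dst))
```

The takeaway for the topology in the post: whatever the relay writes into giaddr is the address the server will reply to, so either that one address needs a path back from vlan20 (a single host route to the relay interface is not the same as routing the whole wireless vlan) or the relay has to put a routable address in giaddr, if the switch lets you choose. To confirm which address the real server is replying to, `tcpdump -ni <iface> port 67` on the dhcpd host will show the OFFER leaving toward the giaddr.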

 

We want vlan10 to remain unroutable, as the wireless clients should not be going anywhere near the corporate vlan, and this topology is replicated across numerous sites. We could stick a separate DHCP server at each site on vlan10, but the reason for centralising is to allow us to track devices by MAC and IP at the various sites ...

 

Confusing, very difficult to explain, and very non-standard, but any suggestions would be welcomed!


