E400 dhcp trouble

Hi, i have two e400 AP's with two SSID's in different vlan's.

Two mikrotiks as routers with vrrp, they are the dhcp server's

Some clinets can't get ip's or getting ip conflict error. The main thing that mac address of problem client is appearing in both vlans added on AP.

vlan 2 is a corp network with wpa2-enterprise

vlan 4 is a guest network with wpa2-personal

VLAN ID MAC Address Interface IfIndex Status
------- ------------------ --------------------- ------- ------------
2 F4:0F:24:2A:B4:52 0/14 14 Learned
4 F4:0F:24:2A:B4:52 0/14 14 Learned

Tech info in attachment

P.S. i've downgraded firmware, on latest release the same problem

Please configure the device as follows:

  • Configure ethernet 1 as Trunk
    • Native VLAN = 1
    • Allowed VLAN = 2,4
  • Delete the VLAN-2 & VLAN-4 L3 interfaces configured.

I have only one L3 interface  - management vlan, tagged.

with native vlan 1 on interface mac addresses going to it too)))

I've made like you said, but i still see mac duplicating.

I've upgraded AP's to 3.2.1-r6 from cnMaestro.

 

Here what i see:

VLAN ID MAC Address Interface IfIndex Status
------- ------------------ --------------------- ------- ------------
4 2C:BE:08:9C:AB:91 0/14 14 Learned
5 2C:BE:08:9C:AB:91 0/14 14 Learned

In my network vlan 4 - guest, vlan 5 -management (untagged on port with AP)

Why does it happening?

Any ideas?


@revizor wrote:

I've made like you said, but i still see mac duplicating.

I've upgraded AP's to 3.2.1-r6 from cnMaestro.

 

Here what i see:

VLAN ID MAC Address Interface IfIndex Status
------- ------------------ --------------------- ------- ------------
4 2C:BE:08:9C:AB:91 0/14 14 Learned
5 2C:BE:08:9C:AB:91 0/14 14 Learned

In my network vlan 4 - guest, vlan 5 -management (untagged on port with AP)

Why does it happening?


could you please confirm from the logs that the client has not associated to both SSIDs at one or the other point? Also, is the client being associated to vlan-4 or to vlan-5 for this test? If vlan-4 can you please confirm the RADIUS server (since vlan-4's SSID is wpa2-enterprise) is not setup for dynamic vlan assignment?

Here's solution for mac duplicating

interface eth 1
switchport mode trunk
switchport trunk native vlan 5
switchport trunk native tagged
switchport trunk allowed vlan 2,4,5,7

you need to create new l3 interface for management and made it tagged, in my case it is vlan 5

if you assign it untagged you will recieve mac's of clients in it

For now i'm testing it for dhcp issues


@revizor wrote:

Here's solution for mac duplicating

interface eth 1
switchport mode trunk
switchport trunk native vlan 5
switchport trunk native tagged
switchport trunk allowed vlan 2,4,5,7

you need to create new l3 interface for management and made it tagged, in my case it is vlan 5

if you assign it untagged you will recieve mac's of clients in it

For now i'm testing it for dhcp issues


we are able to recreate the issue of the client VLAN showing up on two VLANs, it will be fixed in the next major release (3.4.4), will be in beta in a week or so.

Thank you for your reply, i'm glad to see it))
For the issue with dhcp server:

The same network, i've seen that issues is actual only for 5GHz networks 
Mikrotik is saying that "sep/18 00:38:08 dhcp,warning dhcp1 offering lease 172.24.0.68 for A4:5E:60:18:FA:4F without success", and dhcp lease is in "offered" state.

I've tryed another dhcp server - tfpd64, and here what i've get:
A4:5E:60:18:FA:4F - is my iphone (5GHz AC)

Rcvd DHCP Discover Msg for IP 0.0.0.0, Mac A4:5E:60:18:FA:4F [18/09 00:41:08.720]
IP address 172.24.0.10 flushed from ARP table [18/09 00:41:08.721]
DHCP: proposed address 172.24.0.10 [18/09 00:41:12.836]
Rcvd DHCP Discover Msg for IP 0.0.0.0, Mac A4:5E:60:18:FA:4F [18/09 00:41:12.839]
IP address 172.24.0.10 flushed from ARP table [18/09 00:41:12.839]
DHCP: proposed address 172.24.0.10 [18/09 00:41:16.953]
Rcvd DHCP Discover Msg for IP 0.0.0.0, Mac A4:5E:60:18:FA:4F [18/09 00:41:16.955]
IP address 172.24.0.10 flushed from ARP table [18/09 00:41:16.956]
DHCP: proposed address 172.24.0.10 [18/09 00:41:21.071]
Rcvd DHCP Discover Msg for IP 0.0.0.0, Mac A4:5E:60:18:FA:4F [18/09 00:41:21.073]
IP address 172.24.0.10 flushed from ARP table [18/09 00:41:21.074]
DHCP: proposed address 172.24.0.10 [18/09 00:41:25.188]
Rcvd DHCP Discover Msg for IP 0.0.0.0, Mac A4:5E:60:18:FA:4F [18/09 00:41:25.190]
IP address 172.24.0.10 flushed from ARP table [18/09 00:41:25.191]
DHCP: proposed address 172.24.0.10 [18/09 00:41:29.305]
Rcvd DHCP Discover Msg for IP 0.0.0.0, Mac A4:5E:60:18:FA:4F [18/09 00:41:29.307]
IP address 172.24.0.10 flushed from ARP table [18/09 00:41:29.308]
DHCP: proposed address 172.24.0.10 [18/09 00:41:33.424]
Rcvd DHCP Discover Msg for IP 0.0.0.0, Mac A4:5E:60:18:FA:4F [18/09 00:41:33.426]
IP address 172.24.0.10 flushed from ARP table [18/09 00:41:33.427]
DHCP: proposed address 172.24.0.10 [18/09 00:41:37.543]
Rcvd DHCP Discover Msg for IP 0.0.0.0, Mac A4:5E:60:18:FA:4F [18/09 00:41:37.545]
IP address 172.24.0.10 flushed from ARP table [18/09 00:41:37.546]
DHCP: proposed address 172.24.0.10 [18/09 00:41:41.660]
Rcvd DHCP Discover Msg for IP 0.0.0.0, Mac A4:5E:60:18:FA:4F [18/09 00:41:41.662]
IP address 172.24.0.10 flushed from ARP table [18/09 00:41:41.663]
DHCP: proposed address 172.24.0.10 [18/09 00:41:45.778]
Rcvd DHCP Discover Msg for IP 0.0.0.0, Mac A4:5E:60:18:FA:4F [18/09 00:41:45.780]
IP address 172.24.0.10 flushed from ARP table [18/09 00:41:45.781]
DHCP: proposed address 172.24.0.10 [18/09 00:41:49.895]

60:45:BD:EB:92:CA - is my Surface (5GHz AN)

Rcvd DHCP Discover Msg for IP 0.0.0.0, Mac 60:45:BD:EB:92:CA [18/09 00:45:59.260]
Client requested address 172.24.0.75 [18/09 00:45:59.261]
IP address 172.24.0.15 flushed from ARP table [18/09 00:45:59.300]
DHCP: proposed address 172.24.0.15 [18/09 00:46:03.415]
Rcvd DHCP Discover Msg for IP 0.0.0.0, Mac 60:45:BD:EB:92:CA [18/09 00:46:03.417]
Client requested address 172.24.0.75 [18/09 00:46:03.418]
Freeing item 172.24.0.15 60:45:BD:EB:92:CA [18/09 00:46:03.418]
IP address 172.24.0.15 flushed from ARP table [18/09 00:46:03.489]
DHCP: proposed address 172.24.0.15 [18/09 00:46:07.605]
Message truncated (length was 8) [18/09 00:46:07.607]
Rcvd DHCP Discover Msg for IP 0.0.0.0, Mac 60:45:BD:EB:92:CA [18/09 00:46:08.241]
Client requested address 172.24.0.75 [18/09 00:46:08.242]
Freeing item 172.24.0.15 60:45:BD:EB:92:CA [18/09 00:46:08.242]
IP address 172.24.0.15 flushed from ARP table [18/09 00:46:08.287]
DHCP: proposed address 172.24.0.15 [18/09 00:46:12.401]
Message truncated (length was 8) [18/09 00:46:12.403]
Rcvd DHCP Discover Msg for IP 0.0.0.0, Mac 60:45:BD:EB:92:CA [18/09 00:46:16.740]
Client requested address 172.24.0.75 [18/09 00:46:16.741]
Freeing item 172.24.0.15 60:45:BD:EB:92:CA [18/09 00:46:16.741]
IP address 172.24.0.15 flushed from ARP table [18/09 00:46:16.806]
DHCP: proposed address 172.24.0.15 [18/09 00:46:20.923]
Message truncated (length was 8) [18/09 00:46:20.925]
Rcvd DHCP Rqst Msg for IP 0.0.0.0, Mac 60:45:BD:EB:92:CA [18/09 00:46:23.669]

After about 2-5 minutes Surface is recieving adress, but iphone is needed about 15 minutes to recive address

Both of them were connected to 5GHz network, on 2GHz network i have no issues
In the same test on Ubiquiti UAP AC LR - no issues
In the same test on Mikrotik HAP AC - no issues

Only one solution has been found - in configuraton of 5GHz radio need to set channel width to 40 MHz

After it - no issues

Test in progress...