Cisco WLAN controller 4400 and dhcp relay
Thomas Liske
liske at ibh.de
Mon Jul 6 09:38:02 UTC 2009
Hi,
karczewski cyrill wrote:
> Hello everyone!! I hope you are fine!!
>
> I have a problem with coova-chilli 1.0.13 and i will be so gratefull for anyone find a solution.
>
> I use a cisco WLAN controller 4400 with vlans configured. in order to transmit dhcp requests in that vlan, cisco has a dhcp relay.
>
> the problem is that before transmit dhcp requests to chilli, the cisco controller does an ARP request to chilli.
>
> Chilli reply, but the cisco controller doesn't like this answer.
>
> In fact, when chilli reply, in the ARP target address field, chilli put 0.0.0.0 instead of the cisco controller ip address. It send the ARP reply in broadcast mode.
>
> So, the cisco controller send an ARP request again and again...
>
> here is the cisco request:
>
> http://picasaweb.google.com/cyrill51/Chillispot#5355257375354395602
>
> here is the reply
>
> http://picasaweb.google.com/cyrill51/Chillispot#5355257377945980914
>
> Anyone has an idea to correct this in chilli or in the cisco controller.
>
it seems to be an issue on the WLC implementation. According to RFC826
the WLC should accept the arp reply with an zero target address:
==============================[RFC826]==============================
?Do I have the hardware type in ar$hrd?
Yes: (almost definitely)
[optionally check the hardware length ar$hln]
?Do I speak the protocol in ar$pro?
Yes:
[optionally check the protocol length ar$pln]
Merge_flag := false
If the pair <protocol type, sender protocol address> is
already in my translation table, update the sender
hardware address field of the entry with the new
information in the packet and set Merge_flag to true.
?Am I the target protocol address?
Yes:
If Merge_flag is false, add the triplet <protocol type,
sender protocol address, sender hardware address> to
the translation table.
?Is the opcode ares_op$REQUEST? (NOW look at the opcode!!)
Yes:
Swap hardware and protocol fields, putting the local
hardware and protocol addresses in the sender fields.
Set the ar$op field to ares_op$REPLY
Send the packet to the (new) target hardware address on
the same hardware on which the request was received.
==============================[RFC826]==============================
There are no checks on the target address for ARP replies. The arp reply
is btw not send as a broadcast, there is the WLC's ARP address specified
as the destination address in the ethernet header.
I'd just checked Linux's implementation on sending ARP replies, it sets
the target IP address to the original request source address. Maybe it
should be fixed in cc to perform as other common ARP implementations
perform.
Regards,
Thomas
--
support at ibh.de Tel. +49 351 477 77 30
www.ibh.de Fax +49 351 477 77 39
-----------------------------------------------------------------------
Dipl.-Ing. Thomas Liske
Netzwerk- und System-Design
IBH IT-Service GmbH Amtsgericht Dresden
Gostritzer Str. 61-63 HRB 13626
D-01217 Dresden GF: Prof. Dr. Thomas Horn
Germany VAT DE182302907
-----------------------------------------------------------------------
Ihr Partner für: LAN, WAN IP-Quality, Security, VoIP, SAN, Backup, USV
-----------------------------------------------------------------------
professioneller IT-Service - kompetent und zuverlässig
-----------------------------------------------------------------------
More information about the Chilli
mailing list