Reply
New Member
Posts: 3
Registered: ‎03-18-2017
Accepted Solution

ER-X, VLAN, DHCP and same Mac address across 2 DHCP servers.

Hello there,

 

I just stumbled across a little issue (at least I think it might be one) with my setup. I have one ER-X and a number of Unifi APs. One of the wireless networks  (SSID: IOT) is mapped to a VLAN 50. My iot devices connect to my network via the IOT wireless network. 

 

The ER-X assigns this VLAN 50 to a different subnet and also runs a seperate DHCP server for this subnet. The rest of my simple setup is not tagged.

 

All of the above seems to work just fine, ... but

recently I changed a device X on my network to be multi interface, that is to say it is connected to the VLAN 50 and the 'other' untagged network. Therefore it has  2 ip addrs which I wanted to have assigned by the respective DHCP server. 

Therefore I created a static entry (with the same Mac, different IP) on each of ER-X's DHCP servers.

This seems to cause a bit of havoc.

When rebooting, the  ER-X is somehow confused - and no longer routes anything to the internet or does any DHCPing. Also UniFi (or rather the APs)  seems to have been affected by it, as it started isolating APs. Basically the entire network slowly turned  into a nightmare :-).   

I could still access the ER-X gui and found if I disable one of the DHCP server things eventually came right.  This led me to the suspicion that it might be the double Mac entry. As soon as I removed one of the entries on of the DHCP servers things went back to normal.    

Not sure if this makes sense. I hasten to add that I am no network guru by any means.  So there's a good chance that what I did makes no a lot of sense (although it still does in my little world :-) ).

 

Cheers and keep up the brilliant work  

 


Accepted Solutions
SuperUser
Posts: 20,367
Registered: ‎09-17-2013
Kudos: 5104
Solutions: 1455

Re: ER-X, VLAN, DHCP and same Mac address across 2 DHCP servers.

You're not running multiple DHCP servers, but rather a single server with multiple scopes defined. So to make it's job easier, the devs decided to say one MAC address globally.

 

As for why the DHCP server devs decided to do this, asking them directly would be your best bet. IIRC, the default is isc-dhcp-server.

View solution in original post


All Replies
SuperUser
Posts: 20,367
Registered: ‎09-17-2013
Kudos: 5104
Solutions: 1455

Re: ER-X, VLAN, DHCP and same Mac address across 2 DHCP servers.

You can't assign the same MAC address in two different subnets.

New Member
Posts: 3
Registered: ‎03-18-2017

Re: ER-X, VLAN, DHCP and same Mac address across 2 DHCP servers.

[ Edited ]

Hi 

 

 

 ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.16.1.120  netmask 255.255.255.0  broadcast 172.16.1.255
        inet6 fe80::ba27:ebff:fe40:b781  prefixlen 64  scopeid 0x20<link>
        ether b8:27:eb:40:b7:81  txqueuelen 1000  (Ethernet)
        RX packets 10281224  bytes 1725966407 (1.6 GiB)
        RX errors 0  dropped 2  overruns 0  frame 0
        TX packets 8991900  bytes 828172843 (789.8 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0.90: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.16.2.20  netmask 255.255.255.0  broadcast 172.16.2.255
        inet6 fe80::ba27:ebff:fe40:b781  prefixlen 64  scopeid 0x20<link>
        ether b8:27:eb:40:b7:81  txqueuelen 1000  (Ethernet)
        RX packets 1707568  bytes 317873657 (303.1 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1960168  bytes 89050519 (84.9 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

 The Mac address on both for IP4 and IP6 are the same and the device responds to both IP addresses.

PING 172.16.2.20 (172.16.2.20) 56(84) bytes of data.
64 bytes from 172.16.2.20: icmp_seq=1 ttl=64 time=1.46 ms
64 bytes from 172.16.2.20: icmp_seq=2 ttl=64 time=1.56 ms
^C
--- 172.16.2.20 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1606ms
rtt min/avg/max/mdev = 1.463/1.511/1.560/0.062 ms
[root@gauss stephan]# ping 172.16.1.120
PING 172.16.1.120 (172.16.1.120) 56(84) bytes of data.
64 bytes from 172.16.1.120: icmp_seq=1 ttl=64 time=0.382 ms
64 bytes from 172.16.1.120: icmp_seq=2 ttl=64 time=0.555 ms

As I am not a big fan of assigning static IP address directly to the device but rather use the DHCP server(s) to associtate Macs with (static) IPs on the ER-X I would have thought this should work. 

 

If I go the tagged Vlan90 route the DHCP server (associated with the 172.16.2.0/24 subnet)  should dish out 172.16.2.20 and if I go the untagged route the other DCHP server (associate with 172.16.1.0/24) should dish out 172.16.1.120. 

 

 

 

 

SuperUser
Posts: 20,367
Registered: ‎09-17-2013
Kudos: 5104
Solutions: 1455

Re: ER-X, VLAN, DHCP and same Mac address across 2 DHCP servers.

You're not running multiple DHCP servers, but rather a single server with multiple scopes defined. So to make it's job easier, the devs decided to say one MAC address globally.

 

As for why the DHCP server devs decided to do this, asking them directly would be your best bet. IIRC, the default is isc-dhcp-server.

New Member
Posts: 3
Registered: ‎03-18-2017

Re: ER-X, VLAN, DHCP and same Mac address across 2 DHCP servers.

[ Edited ]

Hi there,

 

Thanks heap once again for the super quick reply. 

Obviously a bit of a bummer with regard to the DHCP issue - and in particular that nothing on the interface warns you of the fact that using the same Mac on 2 DHCP servers will eventually cause a serious meltdown of the entire network. When this happened yesterday to me after innocently upgrading the firmware (which was of course completely unrelated).... well it wasn't too nice of a place to be in :-) Only good thing - one learns quickly new things .... 

 

This said and being a software guy myself I definitely won't be the first one to cast a stone ;-) .

 

I might just move the DHCPing away from the ER-X and put it onto one of the dnsmasq DNS servers which I have running. 

 

Thanks again for the clarification and your support 

 

Have a good day 

 

S

Reply