It's late - I means Vanilla ;-)
Anyways - DS broke it (DHCP snooping) switch...
JFYI...
Disabling the DS check-box I now see the replies from the server ... still not quite working, but making progress...
DHCP Not passing through Switch
-
yahel - Member
- Posts: 54
- Joined: Wed May 27, 2015 12:07 am
- Location: Berkeley, CA
- Has thanked: 14 times
- Been thanked: 11 times
Re: DHCP Not passing through Switch
All working ...
It was the DS checkbox on the Netonix which made it "eat" the DHCP reply.
Unchecking that solved the problem...
It was the DS checkbox on the Netonix which made it "eat" the DHCP reply.
Unchecking that solved the problem...
-
yahel - Member
- Posts: 54
- Joined: Wed May 27, 2015 12:07 am
- Location: Berkeley, CA
- Has thanked: 14 times
- Been thanked: 11 times
Re: DHCP Not passing through Switch
FWIW - being able to tcpdump on the Netonix switch is by itself totally worth the swap...
ToughSwitch does not support tcpdump - it sucks.
If there could be a way, perhaps using port mirroring, to tcpdump a particular port on the Netonix - that would be priceless!
ToughSwitch does not support tcpdump - it sucks.
If there could be a way, perhaps using port mirroring, to tcpdump a particular port on the Netonix - that would be priceless!
-
billbuchan - Member
- Posts: 85
- Joined: Fri Dec 19, 2014 11:52 pm
- Location: United Kingdom
- Has thanked: 42 times
- Been thanked: 34 times
Re: DHCP Not passing through Switch
We just independently came to the same conclusion on the general forum:
http://forum.netonix.com/viewtopic.php?f=6&t=1017
---* Bill
http://forum.netonix.com/viewtopic.php?f=6&t=1017
---* Bill
-
sirhc - Employee
- Posts: 7416
- Joined: Tue Apr 08, 2014 3:48 pm
- Location: Lancaster, PA
- Has thanked: 1608 times
- Been thanked: 1325 times
Re: DHCP Not passing through Switch
I am not sure why you guys would enable DHCP Snooping on a port if you are trying to pass DHCP leases through that port.
A more advanced DHCP snooping function which is not what we currently have implemented which should be apparent as we do not have a section where you can specify valid a DHCP MAC or IP address that would be used to validate authorized DHCP communications.
We "currently" just have a simple form of DHCP snooping implemented with no configurable settings which basically prevents a DHCP server from being able to advertise or hand out leases into and through those ports with DHCP Snooping enabled on them to the rest of the ports on that switch.
So say you had a router at your tower with a DHCP server handing out leases and it was connected to Port 1 of the WISP Switch and your AP's were on Ports 5 through 10 you could enable DHCP Snooping on Ports 5 through 10 that way clients on Ports 5-10 could get an address from the router DHCP Server via Port 1 which does not have DHCP Snooping enabled.
This way if a client connected on Port 6 and that client had Layer 2 access to your net (not sure why you would ever give clients Layer 2 access) and advertised leases clients on other ports would not be able to acquire a lease from their rogue DHCP server.
A more advanced DHCP snooping function which is not what we currently have implemented which should be apparent as we do not have a section where you can specify valid a DHCP MAC or IP address that would be used to validate authorized DHCP communications.
We "currently" just have a simple form of DHCP snooping implemented with no configurable settings which basically prevents a DHCP server from being able to advertise or hand out leases into and through those ports with DHCP Snooping enabled on them to the rest of the ports on that switch.
So say you had a router at your tower with a DHCP server handing out leases and it was connected to Port 1 of the WISP Switch and your AP's were on Ports 5 through 10 you could enable DHCP Snooping on Ports 5 through 10 that way clients on Ports 5-10 could get an address from the router DHCP Server via Port 1 which does not have DHCP Snooping enabled.
This way if a client connected on Port 6 and that client had Layer 2 access to your net (not sure why you would ever give clients Layer 2 access) and advertised leases clients on other ports would not be able to acquire a lease from their rogue DHCP server.
Support is handled on the Forums not in Emails and PMs.
Before you ask a question use the Search function to see it has been answered before.
To do an Advanced Search click the magnifying glass in the Search Box.
To upload pictures click the Upload attachment link below the BLUE SUBMIT BUTTON.
Before you ask a question use the Search function to see it has been answered before.
To do an Advanced Search click the magnifying glass in the Search Box.
To upload pictures click the Upload attachment link below the BLUE SUBMIT BUTTON.
Who is online
Users browsing this forum: No registered users and 73 guests