Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

two DHCP reservations messing up client gateway and DHCP options

I noticed a strange mixing of DHCP settings when having 2 reservations for one client MAC address.

console> system dhcp static-entry-scope show
global

I have a VLAN on the XGS lets say VLAN10 Net: 10.1.2.0/24 GW: 10.1.2.1

On that VLAN is a XGS DHCP Server with some specific DHCP options for that VLAN10 with a reservation for dummy client aa:aa:aa:aa:aa:aa -> 10.1.2.20

On that XGS there is a RED20 with IP of 192.168.1.1/24 GW 192.168.1.1

On that RED is a XGS DHCP Server with a reservation for the same dummy client: aa:aa:aa:aa:aa:aa -> 192.168.1.20

Intension is: when the client moves, it should get a specific IP on the RED and a specific IP on the VLAN.

Now in real life, when the client is on the RED network, it gets the IP 192.168.1.20 from the RED DHCP Server, but all other DHCP options come from the VLAN DHCP Server: gateway 10.1.2.1 and all the DHCP options from the VLAN.

is that normal?

I had to delete the reservation on the VLAN DHCP server to make the client be served the correct IP settings from the RED DHCP Server.

all on SFOS 20.0.1



This thread was automatically locked due to age.
Parents
  • If a MAC address is statically bound in more than one DHCP server, the client might receive incorrect configuration information (e.g., DNS, gateway). Such issues were reported around the V17.x firmware, leading to the introduction of a new DHCP configuration generation method in V17.5 to solve this problem. Please confirm the DHCP configuration generation method on your firewall by running console> sy dhcp conf-generation-method show. If it is set to "old," change it to "new" to prevent the reported issue.

Reply
  • If a MAC address is statically bound in more than one DHCP server, the client might receive incorrect configuration information (e.g., DNS, gateway). Such issues were reported around the V17.x firmware, leading to the introduction of a new DHCP configuration generation method in V17.5 to solve this problem. Please confirm the DHCP configuration generation method on your firewall by running console> sy dhcp conf-generation-method show. If it is set to "old," change it to "new" to prevent the reported issue.

Children
No Data