Fri, 05 Feb 2010

DHCP Relay

With our new WiFi access points, we run multiple SSIDs, each on its own VLAN. Unfortunately, we are observing an interesting problem: even though the DHCP server can see the WiFi client requesting the address and replies back, the reply sometimes does not reach the client. It vaguely depends on the number of clients on the particular WiFi AP. Today I think I have found what causes this problem.

In an unrelated event, our new 10GbE switches have arrived, and I have been configuring them. When browsing the manuals, I have noticed they have a feature called "DHCP relay", which causes DHCP requests to be magically switched to the primary VLAN of the switch, even when they are obtained from another VLAN. Well, one might think that almost nobody needs this obscure and unintuitive feature, so it is expected to be switched off by default.

Apparently the HP engineers do not share this point of view. Not only the DHCP relay is on by default on all newer ProCurve switches, but as a default setting, it is not mentioned in the "show config" command output, except when explicitly disabled. So nobody knows a new "feature" has been added, except when re-reading the manuals for every new ProCurve model.

I have found the DHCP relay feature being enabled even on other recently purchased switches. I have promptly disabled it, and we will see what happens with the above problem of missing DHCP replies.

