In vWLAN, a location is a VLAN and network that traffic is put into after being authenticated. It is a pre-defined part of the wired network that connects specific clients to the rest of the network architecture. If locations on a vWLAN system are inactive, even just on a few APs, many different problems can occur. If a client authenticates and is placed in a role that specifies a location which is inactive on the associated AP, the AP will first attempt to tunnel the client to another AP that has that location. If one is not available, the client may be forced into the native VLAN (albeit with the same role). In worse situations, the client may not be able to connect at all. If locations are consistently becoming inactive or never become active on certain or all APs, many connectivity and latency issues may occur. Specific troubleshooting is required to make sure location discovery functions normally to prevent these issues.
Below are some of the most notable symptoms of inactive locations:
- Clients being tunneled
- Clients being placed in a different location than configured.
- Clients not being assigned an IP address, auto-configuring an IP address (for example, windows clients using 169.254.0.X), or pulling the incorrect IP address.
Before continuing, if you need more information regarding initial configuration of vWLAN, especially in the area of understanding Location configuration, please see the vWLAN Quick Deployment and Configuration Guide or the vWLAN General Deployment Guide.
Understanding Location discovery
All Bluesocket APs (BSAPs) will use the native (untagged) VLAN for their IP address. This implies that BSAPs will either use DHCP on the native VLAN or they must be statically configured with an IP address in the native VLAN. They will automatically discover the native VLAN and generate a location in vWLAN called “vLoc_0_<network address>”. Next, the BSAP will attempt to discover the other configured locations (non-native VLAN locations must be configured to be discovered). It does this by sending out a DHCP discover message with the configured location’s VLAN tag. If an address is successfully offered from a DHCP server, the location becomes active on that AP (the lease is immediately released for client use). This process is also run when an Apply is sent to the AP or when the AP is rebooted.
Note: If using a static IP address for your AP, a DHCP discover is still sent out to make sure the location exists and a vLoc_0 will still be created in vWLAN for the location.
Ensuring Locations will be discovered properly
For location discovery to properly work, all of the desired network locations must be configured in vWLAN. BSAPs cannot automatically add a location to vWLAN other than their native VLAN. The BSAP must also be connected to a port that allows all the VLANs the AP will service. These VLANs must also span all the way to the DHCP server so that DHCP can be provided to the BSAP during location discovery. The simplest way to ensure this process works is to make sure the BSAP is plugged into a trunk port that allows all VLANs. All ports that provide transit in between switches should be trunk as well. In AOS, a port can be set to trunk mode with the following command:
(config)#interface switchport 0/1
(config intf 0/1)# switchport mode trunk
The default settings for trunk ports in AOS allow all VLANs, so the above configuration is all that is necessary. It is recommended to configure the switches in the least restrictive way possible at first, then add advanced settings like VLAN restrictions after verifying the basic functionality works. This will help isolate configuration issues should they exist.
It is also vital to ensure that the DHCP server itself can communicate on the configured VLANs. If the DHCP server does not support 802.1Q, then make sure helper addresses or DHCP relays are setup appropriately. For more information on the nuances of when to use trunk ports, helper addresses, or DHCP relay, please see DHCP Relay and UDP-relay in AOS.
How to tell if Locations are active
If you are having a problem on a particular AP or would like to check active locations on a BSAP, go to Status->Access Points and look at the Locations column to check and see which locations a BSAP shows are active. This is shown below.
If a certain location appears to be inactive on several BSAPs, you can check Status->Locations to see if the location shows as active in vWLAN. A location only has to be active on one AP to be considered Active in vWLAN. Locations are assigned to BSAPs based on Roles. Each Role will have a specified Location or Location Group, and BSAPs can be assigned to support these Roles through various configuration parameters in vWLAN. If a BSAP is assigned to support a Role with a Location that the BSAP does not have access to, then the BSAP may tunnel traffic for any client in that Location. Though tunneling allows APs to still use a location they do not have, this is not a desired mechanism for normal traffic. For more information on configuring vWLAN, please consult either the vWLAN General Deployment Guide or the vWLAN Quick Deployment and Configuration Guide.
Troubleshooting Inactive Locations
In most cases, a location is inactive for a BSAP because the last attempt to pull DHCP in that VLAN failed (no lease was given out). The simplest way to attempt to recover the AP’s locations is to send the BSAP an Apply and see if it is successful and marks the location as active. This can be done by going to Status->Access Points, and then clicking on the desired access point to highlight it and hitting the Apply button at the top of the page.
If the location still does not become active after the BSAP returns to an UpToDate status, consult the logs on the DHCP server. Check to see if a DHCP discover message was received at the server from the BSAP sometime before the location was seen to be inactive. In some cases the server may have run out of IP addresses, or may have run into some other error. If no log is found, start a packet capture on the DHCP server and then send an Apply to the BSAP and watch for the DHCP Discover messages.
If the DHCP discover is not being seen at the server, or the server seems to be responding but the BSAP is not acknowledging the location, the switches the BSAPs are plugged into should be examined. Make sure the proper VLANs are configured on the ports the BSAPs are connected to. If these are correct, examine all the ports downstream to the DHCP server to make sure that these VLANs are spanned (can route) all the way to the DHCP server.
If DHCP relay is being used on the switches to relay DHCP to a DHCP server somewhere else, those transactions should be examined to make sure DHCP is properly getting relayed to the server. If using ADTRAN switches as a DHCP relay, DHCP Relay and UDP-relay in AOS can be used as a guide to troubleshoot the transaction properly.
If there is a question of whether the BSAP is sending the DHCP Discover messages out, a packet capture should be taken on the switchport the BSAP is connected to. Generally, the best way to do this is through a port mirror which will mirror all the traffic received at that switch port and send it out another port to be captured by some type of client machine. If using an AOS switch, you can use Configuring Port Mirroring in AOS to perform a port mirror.