We've recently delved into the world of Bluesocket APs, and I've been trying to sort out how to configure our managed routers (mainly Junipers, Ciscos, and Adtrans) to provide Option 43 info to them via DHCP.
The Adtran, as expected, was a cinch.
The Juniper SRX router, however, was anything but.
I started out testing with BSAP 3040s running 3.0.1-HB-646847. Packet captures did show the APs sending the appropriate Option 60 value (BlueSecure.AP1500) in their DHCP Discovery packets. However, no matter what I did, as per packet captures, the Juniper SRX router would simply not send any option 43 info down to the AP in its DHCP Offers. (I followed the suggested config in the 'vWLAN AP Discovery.pdf' along with every other variant I could think of.)
I did get things working with "set access address-assignment pool AP_DHCP_Pool family inet dhcp-attributes server-identifier <controller_IP>", but as that wasn't related to option 43, I consider that blind luck and don't consider it a viable/sustainable solution. Eventually, I had a JTAC case opened, which is still in progress.
I have since revisited my lab, but this time using a BSAP 1940 running 3.0.1-HB-646847. Much to my surprise, the Juniper SRX router had no issues sending option 43 info on to that device, with the following config doing the trick:
set access address-assignment pool AP_DHCP_Pool family inet dhcp-attributes option 43 string <Controller_IP>
set access address-assignment pool AP_DHCP_Pool family inet dhcp-attributes option 60 string BlueSecure.AP1500
When I looked a little more closely at the captures for the DHCP Discovery packets from each AP, I did find one notable difference.
The BSAP 1940 was listing option 43 in its DHCP Parameter Request list (option 55), while the BSAP 3040s were not.
From what I've read, I was under the impression that option 60 was what informed the DHCP server that the requesting host was to be sent option 43 info. However, it seems as though the Juniper only sends the required info on to the AP if option 43 is explicitly listed in its option 55 DHCP parameter request list. So either the Juniper isn't handling the option 60 info the right way, or my understanding of this whole process is in error, and option 55 also factors in somehow?
I still have a ticket opened with JTAC to determine if this is correct behaviour on the part of the SRX router. However, the tech that I've been speaking with is fairly confident that the AP needs to send a request for option 43 in its option 55 parameter request list if this is going to work.
So that begs the questions....
1) Does option 43 need to be explicitly requested in option 55's parameter request list for this to work at all? Or should everything function properly with just option 60 being sent with the correct info?
2) Why are the BSAP 3040s not sending option 43 along in their option 55 parameter request lists, as the BSAP 1940s appear to be doing?