Good afternoon everybody! This is my first time at this forum and I hope I didn't post my questions at a wrong place...

I have some Cisco Access Points and they need option 43 set up on the DHCP server. Here is the instruction from the AP's manual:

Cisco Aironet 1000 and 1500 series access points need type-length-value (TLV) format (don't worry about this format...) for DHCP Option 43. DHCP servers must be programmed to return the option based on the access point's DHCP Vendor Class Identifier (VCI) string (DHCP Option 60). The VCI strings for Cisco access points capable of operating in lightweight mode are listed in Table F-1:


Then I checked the DHCPD's manual and created the following dhcp.conf file:


option space Cisco_LWAPP_AP;
option Cisco_LWAPP_AP.server-address code 43 = string;

set vendor-string = option vendor-class-identifier;

....

class "Cisco AP c1520" {
match if option vendor-class-identifier = "Cisco AP c1520"; }

shared-network eth1
{
option domain-name "xxxxxxxx.net";
option domain-name-servers 4.2.2.1;
option subnet-mask 255.255.0.0;
default-lease-time 88200;
max-lease-time 88200;

subnet 172.17.0.0 netmask 255.255.0.0
{

pool {
deny members of "Cisco AP c1520";
range 172.17.1.10 172.17.199.254;
option broadcast-address 172.17.255.255;
option routers 172.17.1.1;
}

pool {
allow members of "Cisco AP c1520";
range 172.17.252.10 172.17.252.254;
option vendor-class-identifier "Cisco AP c1520";
vendor-option-space Cisco_LWAPP_AP;
option Cisco_LWAPP_AP.server-address f1:04:c0:a8:f7:05; #This hex string are in the Cisco TLV format
option broadcast-address 172.17.255.255;
option routers 172.17.1.1;
}

......

The dhcpd server starts up fine and the AP did get the right IP address but not the value in option 43. Did I configure it wrong? Is there anyway you can check if the DHCP servers are actually giving out these options? I checked the dhcp.leases but couldn't find anything... Thanks!!

You can see all of the network packets by running a network packet sniffer while the DHCP transaction is occurring. tcpdump will work. wireshark has a nice X GUI interface.

You might need to tell wireshark to display the entire packet. I think it truncates packets by default. One nice thing about wireshark is that it divides the packets up into their sections so you can see whatever part of the packets that you want to see.

Thank you stress_junkie for your reply!

I will try Wireshark but I have to first figure out how to monitor traffic on a switch. As you know the DHCP server is on one switch port and the AP is on another. I need to find a way to sniff the traffic between them (if possible...).

So there is no easy way, say a detailed log file, which will record the dhcp packages? Is there anyway to debug the DHCP server on the linux server? Thanks!

You can always run wireshark on the dhcpd server. This would help you avoid the switch problem. If you don't have X running on the server, you can forward X to your local desktop using 'ssh -X'. If you don't want to install the X libraries and/or wireshark on the dhcpd server, you can use tcpdump to write a file that wireshark can read later. 'tcpdump -w <filename>' By default tcpdump won't save the entire packet so you want to add the -s option. 'tcpdump -w <filename> -s0'. Be careful you don't fill up your drive. The files can grow big very quickly. You'll probably want to limit it to only dhcp packets. 'tcpdump -w <filename> -s0 port 67 or port 68'

Thank you Tdetre! Actually I have figured out how to do the monitoring on another switch port. The DHCP server did provide option 43 however the value is 2b 06 f1 04 c0 a8 f7 05. Where are the 2b and 06 from...? Do they mean anything? if you check my dhcpd.conf file in the first post you will see that I didn't put these values in. Will that be the reason why the Access points don't like it? If they are not normal, is there anyway to remove them? Thanks!