"Don't Use Our DHCP in Production"

Started by deanwebb, June 04, 2015, 09:53:32 AM


deanwebb

"Don't Use Our DHCP in Production" - Cisco rep to our Wireless guy, in regards to the WLC we're using for our guest wireless network.

:zomgwtfbbq:

Apparently, that DHCP in the WLC is not RFC compliant.  :eek:

Fortunately, we have another solution to use, but there goes the easy one of just letting the WLC hand out IP addresses. It'll now relay DHCP back to our IP system, but we'll have to take an outage to make the switcheroo.
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Any questions? No questions! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.

routerdork

We've had a lot of issues with WLCs and DHCP. At times they just stop handing out IPs. We had a meeting a few weeks ago and the guy we were talking to was with a Cisco partner and super sharp. He also mentioned it was to be used for testing and not production.
"The thing about quotes on the internet is that you cannot confirm their validity." -Abraham Lincoln

icecream-guy

Much better to wire your DHCP server into your guest WLAN  :awesome:
:professorcat:

My Moral Fibers have been cut.

dlots

At least he said "our" there and didn't say "don't use DHCP in production".

Honestly I wish more reps were that honest.

NetworkGroover

Quote from: dlots on June 05, 2015, 12:50:04 PM
At least he said "our" there and didn't say "don't use DHCP in production".

Honestly I wish more reps were that honest.

Coming from a previous engineering role, I feel your pain as I'm sure many of us do.  Hence coming from that world, and now being on the "other side" of it, I know exactly how it feels to be B.S.'d, and how untrusting I was of vendors in general.  Knowing that, I try to be as honest and transparent as possible - more so than a sales guy might like, but meh, that's who I am.  I know myself as an engineer can understand if you don't have XYZ feature right now, but intend to implement by a certain date - and I appreciate if you can be honest and upfront about it.  What I don't like, and will immediately blow you off in the future is if I catch you lying to me to try and make a sale.  I can't stand that stuff.

Anyway, I personally, and I think a lot of engineers can respect and appreciate honesty - even if it's about something they don't want to hear.
Engineer by day, DJ by night, family first always

deanwebb

More fun... but we may have things fixed when we kill off the Cisco DHCP entirely. When we had Cisco DHCP for one SSID and our internal DHCP for another, things still went badly. We moved the anchor for the internal DHCP to another controller that didn't run a DHCP scope of its own, and things really cleared up.

I'm thinking that, moral of the story... don't even use that Cisco DHCP for testing, man. It's bad stuff.

wintermute000

It's amazing how a vendor like Cisco can eff up a garden variety, well known, well documented and relatively simple protocol like DHCP.
So they can get pfr, fabricpath, vm-fex to work but freaking DHCP is not production worthy? WTF

Netwörkheäd

Even having DHCP settings, but not active, messed things up. Total wtf-fest.
Let's not argue. Let's network!

Otanx

The intern needs to do something besides get the coffee. I can see the conversation now.

Fade into conference room Thursday morning...
Cisco Employee 1: Hey, we need to support DHCP on this platform. Who wants to write the code?
Cisco Employee 2: DHCP is easy, have the new intern do it. We can tell him when he gets back from the Starbucks run. I hope he got my order right this time.
:Enter Cisco Intern 1 carrying several Starbucks cups, and starts handing them out.
Cisco Employee 1: Intern, for your first coding work we need you to write a DHCP server. Nothing fancy, it just needs to hand out addresses, and stuff.
Cisco Intern 1: OK sir, I can do that. When do you need it by?
Cisco Employee 1: Oh, no rush. Take your time. We just need it before Friday.
Cisco Employee 2: What is this? I clearly asked for a double shot caramel Frappuccino with 2% milk. This is obviously whole milk.
:Fade to black

-Otanx


AnthonyC

Which WLC platform are we talking about? And does this apply to their virtual WLC as well?
"It can also be argued that DNA is nothing more than a program designed to preserve itself. Life has become more complex in the overwhelming sea of information. And life, when organized into species, relies upon genes to be its memory system."

routerdork

Our issues have been on all platforms we have used so far. We have 2100/2500/4400/5500 series controllers and all have had the same issues. We have never used the virtual but I would imagine it has the same issues.

deanwebb

For us, it's all hardware, 8500s and 5500s.

Dieselboy

Probably not compliant because it uses a virtual IP to hand out the addresses of 1.1.1.1?
IP:1.1.1.1 is now owned by someone, apparently. I'm still using 1.1.1.1, though. (couldn't find a middle finger emoticon. Consider the text within these brackets as a middle finger to "the man")

;)

deanwebb

Quote from: Dieselboy on August 11, 2015, 01:33:29 AM
Probably not compliant because it uses a virtual IP to hand out the addresses of 1.1.1.1?
IP:1.1.1.1 is now owned by someone, apparently. I'm still using 1.1.1.1, though. (couldn't find a middle finger emoticon. Consider the text within these brackets as a middle finger to "the man")

;)

The 1.1.1.1 part is sketchy to start with, but the actual handing out of addresses is what really breaks down.

This was us as we watched it fail in a debug. VVV

:hankhill:

wintermute000

Cisco WLCs use 1.1.1.1 by default for the guest captive portal