[WLA] Using DNS to connect when DHCP option 6 and option 15 fail

Article ID: KB32267 KB Last Updated: 25 Jun 2018 Version: 1.0
Summary:

This article provides a solution on how to boot the AP using DNS options, if the DHCP option 43 (vendor-specific information) feature is not available.

Symptoms:
  • Can't boot / connect the AP using DHCP option 43, Layer 2 broadcast, or static configuration
  • DHCP option 6 (Domain Name Server) and option 15 (Domain Name) are present but the AP still won't boot
Solution:

There are three methods for a distributed AP to discover and establish a connection with a WLC / MX:

  1. Layer 2 (L2) Broadcast
    • The AP broadcasts a TAPA find message over UDP on port 5000
       
  2. DHCP option 43
    • Both DHCP option 6 (Domain Name Server) and option 15 (Domain Name) must be present in the AP's list of DHCP IP addresses in order for the AP to use the wlan-switch.DOMAIN lookup option.
    • The format for option 43 string is "ip:X.Y.W.Z", where X.Y.W.Z is the WLC / MX address.
    • The AP will attempt a TAPA unicast connection to each listed IP address.
       
  3. DNS
    • Used only if DHCP option 43 and L2 Subnet Broadcast processes fail to find the WLC / MX
    • The AP sends a DNS lookup for the hosts 'trpz' and 'wlan-switch'
    • In the DNS setup you can name the switch whatever you like as long as there are 'A records' in the DNS for the name.

Additionally, the AP can be statically configured with details about the WLC / MX. In this case, the AP will try to contact the WLC / MX using the static IP address or hostname. If using a hostname to connect, then configure the AP with a DNS server; doing so will allow the AP to send a DNS query.

If the AP is not able to find and boot up from a WLC based off of L2 Broadcast, DHCP option 43, or a static configuration, then the AP will send out a DNS query for 'wlan-switch.DOMAIN' where the 'DOMAIN' portion will come from the DHCP options.

Note: The 'trpz.DOMAIN' and 'wlan-switch.DOMAIN' lookups are a hardcoded function/feature of the AP.

Example:

The following command configures Distributed AP 1 to use a WLC with the name WLC2 as the boot device.
The DNS server at 172.16.0.1 is used to resolve the name of the WLC.

WLC# set ap 1 boot-configuration switch name WLC2 dns 172.16.0.1 mode

Hence, the possible configuration options are:

  1. Statically configure the AP to look up "wlan-switch.[domain]". Make sure the DNS server and the APs are configured to communicate with each other, so they can resolve this record accordingly.
  2. Do not statically configure the AP. Instead, ensure that the AP receives the '[domain]' domain in its DHCP options along with a DNS server option that can resolve this record. The AP will then automatically try to resolve 'wlan-switch.DOMAIN' during the boot-up process (for example, 'wlan-switch.abc123.com').
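
An added example, not from the Juniper article: a Python check that parses the DHCP options field of a captured lease and reports which discovery inputs described above the AP would receive (option 43 targets, and the DNS names it can query when options 6 and 15 are both present). The function names, the comma separator for several option 43 addresses, and the sample lease bytes are assumptions made for this example.

```python
import ipaddress

AP_DNS_HOSTS = ("trpz", "wlan-switch")  # names the article says the AP looks up

def parse_dhcp_options(raw: bytes) -> dict:
    """Walk the DHCP options field (code, length, value) into {code: value}."""
    opts, i = {}, 0
    while i < len(raw):
        code = raw[i]
        if code == 255:                      # End option
            break
        if code == 0:                        # Pad option: no length byte
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError("truncated option header")
        length = raw[i + 1]
        value = raw[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"option {code} is truncated")
        opts[code] = opts.get(code, b"") + value
        i += 2 + length
    return opts

def discovery_plan(raw: bytes) -> dict:
    """Report what the AP could try with this lease: option 43 targets, DNS names."""
    opts = parse_dhcp_options(raw)
    plan = {"option43_targets": [], "dns_servers": [], "dns_queries": [], "missing": []}
    o43 = opts.get(43, b"").decode("ascii", "replace").strip()
    if o43.startswith("ip:"):
        # Assumption: several addresses are comma-separated after "ip:".
        plan["option43_targets"] = [str(ipaddress.IPv4Address(a.strip()))
                                    for a in o43[3:].split(",") if a.strip()]
    elif 43 not in opts:
        plan["missing"].append(43)
    o6 = opts.get(6, b"")
    if o6 and len(o6) % 4 == 0:              # option 6 is a list of 4-byte addresses
        plan["dns_servers"] = [str(ipaddress.IPv4Address(o6[n:n + 4]))
                               for n in range(0, len(o6), 4)]
    else:
        plan["missing"].append(6)
    domain = opts.get(15, b"").rstrip(b"\x00").decode("ascii", "replace").strip(".")
    if not domain:
        plan["missing"].append(15)
    if plan["dns_servers"] and domain:       # both option 6 and 15 are required
        plan["dns_queries"] = [f"{h}.{domain}" for h in AP_DNS_HOSTS]
    return plan

# Constructed sample lease: options 53, 6 and 15 only (no option 43).
SAMPLE = (bytes([53, 1, 2]) + bytes([6, 4, 172, 16, 0, 1])
          + bytes([15, 10]) + b"abc123.com" + bytes([255]))
```

Calling discovery_plan(SAMPLE) lists the two names that need 'A records' on the DNS server handed out in option 6; a non-empty "missing" list shows which DHCP option to fix on the scope.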