• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Client of wireless bridge is unable to get IP address from DHCP server

Scheduled Pinned Locked Moved DHCP and DNS
6 Posts 3 Posters 1.4k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • C
    choin
    last edited by Aug 28, 2019, 4:40 PM

    My setup is:
    [pfSense(DHCP)] --wired-- [Ruckus APs] --wireless-- [wireless clients]

    Wireless clients don't have issues.
    For small number of clients that do not support wireless network, I need to do the following:

    [pfSense(DHCP)] --wired-- [Ruckus APs] --wireless-- [wireless bridge] --wired-- [wired clients]

    So far I've tried mini-routers by Mikrotik and TP-link as wireless bridges.

    • Mikrotik router: certanly can get the IP from pfSense for itself, but a wired client connected to it can not.
    • TP-link router: it seems like it can't get IP for itself, same for a wired client.

    Previously, I've confirmed that both Mikrotik and TP-link mini-routers are able to act as the same wireless bridges in a different network, where they connect to a regular home-grade wireless router that has basic DHCP configured. In that case, wired clients can also get their individual IPs without problem.

    Workaround: wired clients configure their IP themselves, without asking DHCP.
    Also, I can also enable static IP in wireless bridges, e.g. set them to different subnet so they don't consume addresses from the main pool. I didn't find problems with that.

    Still, I'd like to know what can I do to debug and solve the issue. Could it be that there is an issue with pfSense configuration? Or should I ask Ruckus support instead?

    1 Reply Last reply Reply Quote 0
    • D
      Derelict LAYER 8 Netgate
      last edited by Derelict Aug 28, 2019, 4:55 PM Aug 28, 2019, 4:49 PM

      Those things are notoriously awful.

      I simply could not get the netgear I tried to put in front of a printer to pass DHCP either. It just ate it. I had to use a static address on the wired client and it worked fine. This occurred on a couple different bridges I tried so it's something to do with the chipset they all use or something.

      Maybe there's some secret sauce to make it work but I certainly couldn't find it. Packet captures proved DHCP was arriving on wired but nothing going out wireless. Garbage.

      I wouldn't bother with Ruckus. If one wireless client works and another doesn't, it's not the wireless network.

      You might be able to somehow leverage the second wired port on some Ruckus APs into a bridge to the wired network in that location though. I have used that before and it works as you would expect it to. All depends on the location of the APs, etc. Or you could just bite the bullet and use Ruckus APs as expensive bridges for them. It would at least work properly.

      I ended up using a Ubiquiti AP as a bridge there that would join my wireless network and pass DHCP from wired clients. It worked and is certainly less costly than Ruckus gear for that simple purpose.

      Chattanooga, Tennessee, USA
      A comprehensive network diagram is worth 10,000 words and 15 conference calls.
      DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
      Do Not Chat For Help! NO_WAN_EGRESS(TM)

      1 Reply Last reply Reply Quote 1
      • C
        choin
        last edited by choin Aug 28, 2019, 5:00 PM Aug 28, 2019, 4:59 PM

        Wow, thanks for such a fast reply.

        By calling things awful, did you mean actual routers I mentioned or wireless bridges use cases in general?
        I mean, I could understand if there are limitations or defects in software those small boxes use. But shouldn't they be documented somewhere as known issues at least?

        1 Reply Last reply Reply Quote 0
        • D
          Derelict LAYER 8 Netgate
          last edited by Aug 28, 2019, 5:15 PM

          No idea. Just passing on that my experience is these little wireless bridges drop/filter DHCPDISCOVERs from the wired side. Talking about things like the Netgear WNCE2001.

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          1 Reply Last reply Reply Quote 1
          • C
            choin
            last edited by Aug 28, 2019, 8:47 PM

            I see.

            In my case they are TP-Link TL-MR3020 and Mikrotik mAP lite. I'm not sure they are dropping anything since wired clients from them could get an IP on a different network from a regular wireless router (AC1750). The difference looks like this:

            1. [existing network] --wired-- [AC1750(DHCP)] --wireless-- [wireless bridge]
            2. [pfSense(DHCP)] --wired-- [Ruckus APs] --wireless-- [wireless bridge]

            I've found similar discussions and they suggested to disable STP, checking MAC etc. On Mikrotik it was possible to disable STP and it didn't solve the problem. Also I've noticed that Mikrotik overwrites a wired client MAC to its exact own MAC, while TP-Link modifies the first half of it.

            A 1 Reply Last reply Aug 28, 2019, 9:03 PM Reply Quote 0
            • A
              awebster @choin
              last edited by Aug 28, 2019, 9:03 PM

              @choin, I concur with Derelict. I gave up using wireless bridges years ago for exactly the reasons you describe. In a word, they suck.
              They also generally have very tiny MAC address learning capability, so if you have more than a few distinct MAC addresses on either side of the bridge it craps out.
              Maybe there exists some unaffordable industrial equipment that works, but all the familiar names don't seem to have anything that works.
              My 2¢.

              –A.

              1 Reply Last reply Reply Quote 1
              1 out of 6
              • First post
                1/6
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                This community forum collects and processes your personal information.
                consent.not_received