I had set-up a Wi-Fi hotspot for a hotel (150 Wi-Fi users), and it’s working well except that the DHCP server on RB450G began running out of IP addresses. In LOG, it says “tried to optain an ip, no ips…”, “deassigned an IP from one user, and assigned to another”. I set-up about 200 usable IPs for DHCP server, DHCP lease is configured for 5 hours.
After looking at dhcp leases, it appears that each Wi-Fi user gets 2 IP’s from the same DHCP pool, and all users are connected via Wi-Fi. It says that one IP belongs to “hotspot”, and one IP belogs ton DHCP.
Also, why does the RB450G does this strange thing where it converts one local ip to another local ip? Both are in the same subnet.
My guess is each user gets 2 IP’s because I have set-up Masquerading on both Gateway1 and Eth1 (hot-spot). Is this true? How do I fix it?
Please help me figures this one out… seems like it takes a few tries for Wi-Fi users to connect before an IP is “de-assigned” from an idle user and “re-assigned” to them.
Set the address pool on the Hotspot to ‘none’. That’s the Universal NAT feature that allows clients with bad static IP settings to gain network access through the Hotspot because everyone (even clean DHCP users) gets NAT’d to something that will work. If you don’t need it a pool of ‘none’ turns the feature off.
Thank you fewi, I just did that and it seems like the double IP address entry for each mac address disappeared. Hope that users can still get IP addresses
So, I had a regular DHCP server set-up on the Interface, and one more DHCP server for hotspot on the same interface?
It also appears that every user gets an IP address - whether they’re able to authenticate or not, and that IP address stays with them until it’s expired… So if people from neighboring hotels try to connect to my Wi-Fi (but can’t log-in), I will quickly run out of my /24 IP addresses.
If you have people attaching to your wireless network they will probably pull a DHCP lease. If they stay connected to the network, they will renew the lease just as your real customers. Because the DHCP server has nothing to do with the Hotspot it cannot determine whether or not a client is able to authenticate against the Hotspot.
You can only prevent this by preventing outside users from associating with your wireless network in the first place. Either don’t make it an open network (probably not a good choice), or adjust the signal strength of your access points so that they don’t see the SSID.
Or, since you are most likely using private IP address space behind the Hotspot, just make more than a /24 available.
I’ve noticed that there’s a feature called “next/secondary DHCP pool”, does it mean once my primary DHCP pool is used-up, the users will be getting IP’s from secondary pool? I’m hesitant to use anything larger than /24
