Bug - Switch DHCP server incorrect subnet mask
Hi
I decided to post this here in Controllers section since its only a problem with a controller managed switch - in standalone you can properly configure this.
Switch DHCP server function gives out incorrect subnet mask
Problem
Say i have a network 192.168.6.0 /23. - this allows for DHCP in the range .6.1 to .7.254
I want to put the switch interface on an IP address in the lower half, say .6.254
I want DHCP clients in the .7.X range
However, this does not work. Client have no connectivity because the subnet mask they are being given is defined by the DHCP pool mask (second arrow) and NOT the mask of the actual interface (first arrow)
In the image above, what the clients get is, for example
192.168.7.100
255.255.255.0
DNS 1.1.1.1
Gateway 192.168.6.254
Because the gateway is outside the subnet mask they are given, they have no connectivity to it.
The clients should recieve the subnet mask of 255.255.254.0 instead, as defined in the interface.
If you change the pool mask to 23, clients get the right mask, but the switch just starts giving out .6.X from the beginning of the mask range, not what is specified in the interface.
This can be worked around by putting the interface IP of the switch interafce (first arrow) inside the .7.X scope, but we shouldnt have to do this. a /23 is a /23 and we should be able to define whatever IP we want in that range.
This effects all controller managed switches of any model and any firmware. I believe the controller is setting up the pool on the switch with the incorrect mask. I have seen this on all controllers versions since at least 2023 when i first got one.
Yes, all L2+ / L3 switches
No other DHCP in the vlan
You can test this with just a controller and switch, no router needed
Here is a good example
Here are test switch DHCP settings
Note the Subnet mask handed to the client matches the Pool mask, not the interface mask.
I can see the "logic" of why this is implemented in this way "match the mask with the pool only", but im sure you will agree, when this even works the other way, by setting the pool as a /25 or smaller, the mask matches it.....which makes the problem worse and worse the smaller or larger you go from a /24... Effectively it forces you to set the interface IP of the switch to somehting that exists inside the pool mask. If you go smaller than a /24 this is just....silly. There are other scenarios, what if i want this interface to hand out DHCP, but set the gateway IP they assign to another device (switch interface, router IP, whatever) somewhere else in the network on the larger VLAN ? Cant do it, if its not inside the scope of the pool.
I truly believe that the mask given to the client should either be fully definable by the user, or just match the mask of the interface itself (like in this example, a /23)
In standalone you can set whatever mask you like and simply add a DHCP exclusion range for whatever you dont want the clients to get