DHCP Request ACK'd for host on wrong VLAN
Attached are 3 Files: dhcpd.conf file, and 2 packet captures.
Scenario: Server is connected to the network on multiple VLANs (2 for simplicity). Client connects to a wired switch utilizing MAB/DVLAN to set the VLAN on the port.
Client is assigned VLAN 1000, and DHCP Server assigns an address from the corresponding pool. RADIUS Server changes the VLAN membership of the client's switchport to now be VLAN 2000. The switchport does not bounce, so the Client is unaware of the change. DHCP Lease reaches its half-life and client attempts to renew the lease.
Expected Result: DHCP Server sends DHCP NAK to client, forcing client to request new IP on correct VLAN.
Observed Result: Client sends DHCP Req (renew) via broadcast message to DHCP Server. DHCP Server sends DHCP ACK, on original VLAN (1000 in this case). Client does NOT receive DHCP ACK, and keeps trying. Client eventually sends new DHCP REQ to get an IP on correct VLAN (2000).
Other Notes: If the client sends a DHCP Req (renew) on VLAN 2000, for an IP configured on VLAN 1000, and there is no existing lease, one will be created for the client, even though the DHCP ACK is sent on VLAN 1000, and the client does not receive it.
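
The check the expected result implies, as an added example that is not part of the original post or of the DHCP server's code: decide ACK or NAK from the VLAN a request arrived on, then audit request/reply pairs for the mismatch described above. The subnets, transaction ids and event format are constructed assumptions, since the post's dhcpd.conf and captures are not reproduced here.

```python
import ipaddress

# Constructed VLAN-to-subnet map; the post does not give the real pools.
VLAN_SUBNETS = {
    1000: ipaddress.ip_network("10.10.0.0/24"),
    2000: ipaddress.ip_network("10.20.0.0/24"),
}

def expected_reply(arrival_vlan, requested_ip):
    """Reply the post expects for a DHCPREQUEST that arrived on arrival_vlan."""
    subnet = VLAN_SUBNETS.get(arrival_vlan)
    if subnet is None:
        return "IGNORE"  # no pool configured for that VLAN
    return "ACK" if ipaddress.ip_address(requested_ip) in subnet else "NAK"

def audit(events):
    """Match each server reply to its REQUEST by xid and report mismatches.

    events: dicts with keys xid, vlan, type, ip (constructed summary format,
    e.g. produced from a capture taken on the server's trunk interface).
    """
    pending, findings = {}, []
    for ev in events:
        if ev["type"] == "REQUEST":
            pending[ev["xid"]] = ev
            continue
        if ev["type"] not in ("ACK", "NAK"):
            continue  # only final server replies are audited
        req = pending.pop(ev["xid"], None)
        if req is None:
            continue  # reply without a captured request
        want = expected_reply(req["vlan"], req["ip"])
        # Flag a wrong reply type, or a reply sent on a different VLAN.
        if ev["type"] != want or ev["vlan"] != req["vlan"]:
            findings.append({
                "xid": ev["xid"], "ip": req["ip"],
                "request_vlan": req["vlan"], "reply_vlan": ev["vlan"],
                "got": ev["type"], "expected": want,
            })
    return findings

# Constructed events: the reported renewal, then the later correct exchange.
SAMPLE = [
    {"xid": 0x1A2B, "vlan": 2000, "type": "REQUEST", "ip": "10.10.0.50"},
    {"xid": 0x1A2B, "vlan": 1000, "type": "ACK", "ip": "10.10.0.50"},
    {"xid": 0x3C4D, "vlan": 2000, "type": "REQUEST", "ip": "10.20.0.50"},
    {"xid": 0x3C4D, "vlan": 2000, "type": "ACK", "ip": "10.20.0.50"},
]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```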