In computer networking, a single layer-2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them via one or more routers. Such a domain is generally referred to as a virtual local area network (VLAN). This is usually achieved on switching or routing network devices. Some devices may support VLAN by partitioning on a port level; other devices can mark packets through tagging so that a single interconnect (trunk port) may be used to transport data for various VLANs. A VLAN has the same attributes as a physical local area network (LAN), but it allows for client devices to be grouped together more easily even if they are connected to the same network switch. VLAN membership can be configured through software. Unlike physically separate networks, VLANs share bandwidth, so VLAN trunks may require aggregated links and/or quality of service prioritization.
The Dynamic Host Configuration Protocol (DHCP) generally refers to a standardized networking protocol used on Internet Protocol (IP) networks for dynamically distributing network configuration parameters, such as IP addresses for interfaces and services. With DHCP, client devices of a network request IP addresses and networking parameters automatically from a DHCP server, reducing the need for a network administrator or a user to configure these settings manually.
In a wireless local area network (WLAN), when a client device belonging to a first VLAN requests an IP address, a network control device will forward the request to the DHCP server corresponding to the first VLAN. The DHCP server will then assign an IP address to lease to the client device. Subsequently, if the client device changes to a different and second VLAN, the client device will request a new IP address from the same or a different DHCP server corresponding to the second VLAN. The VLAN for the client device may change due to change of authorization. For example, a Pre-boot eXecution Environment (PXE) client after boot can undergo an authentication in compliance with IEEE 802.1x standard, and obtain a new role and/or VLAN assignment.
Moreover, the client device will need to send a DHCP release message to the DHCP server to release the assigned IP address as an available IP address to the address pool for the first VLAN. Nevertheless, in such scenarios, the DHCP server cannot properly release the assigned IP address corresponding to the first VLAN to the DHCP available address pool, and thus making the assigned IP address unavailable for other client devices. This is because the VLAN associate with the client device has been changed from the first VLAN to the second VLAN. The DHCP server maintains a VLAN identified associated with each client device. Accordingly, the DHCP server will detect a mismatch between the current VLAN assigned to the client device and the VLAN corresponding to the assigned IP address in the DHCP release message received from the client device. When such mismatch is detected by the DHCP server, the DHCP server will not release the IP address of the DHCP message, thereby causing the DHCP address pool to get exhausted rapidly even though none of the client device is active on the first VLAN and/or sub-network.