Comprar o Renovar
Comprar o Renovar
cancelar
Activar sugerencias
La sugerencia automática le ayuda a obtener, de forma rápida, resultados precisos de su búsqueda al sugerirle posibles coincidencias mientras escribe.
Mostrando los resultados de 
Buscar en lugar de 
Quiere decir: 
cancel
Iniciar una conversación
530
Visitas
2
ÚTIL
5
Respuestas

Host incapaz de recibir direccionamiento mediante DHCP

Ir a solución
Gordon Freeman1
Level 1
Level 1

‎10-25-2023 03:05 PM - editado ‎10-25-2023 04:41 PM

Buenas, explico el caso. No he podido darle direccionamiento a los PC mediante DHCP, adjunto la topología, configuración y otros detalles. Notas: Ya he probado configurando ip helper-address dentro de las subinterfaces utilizando la ip del servidor DHCP que es router CENTRAL, router NORTE y SUR tienen configurado VRRP y las interfaces de los PC ya estan en IP ADDRESS DHCP. Agradeceria su ayuda. 

Router CORE==============================================================

Current configuration : 1990 bytes
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CORE
!
boot-start-marker
boot-end-marker
!
aqm-register-fnf
!
no logging console
!
no aaa new-model
clock timezone CET 1 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
!


!
!
!
!
ip cef
ipv6 unicast-routing
ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Ethernet0/0
ip address 210.0.0.1 255.255.255.252
!
interface Ethernet0/1
no ip address
shutdown
!
interface Ethernet0/2
no ip address
shutdown
!
interface Ethernet0/3
ip address 192.168.43.4 255.255.255.0
!
!
router eigrp TSHOOT
!
address-family ipv4 unicast autonomous-system 10
!
topology base
redistribute static
redistribute bgp 200 metric 10000 1000 255 1 1500 route-map BGP
exit-af-topology
network 192.168.43.0
network 192.168.43.4 0.0.0.0
exit-address-family
!
router bgp 200
bgp log-neighbor-changes
network 192.168.43.0
redistribute eigrp 10 metric 255 route-map EIGRP
neighbor 210.0.0.2 remote-as 100
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 210.0.0.2
ip route 0.0.0.0 0.0.0.0 192.168.43.3
!
ip access-list standard RUTA-EIGRP
permit any
!
!
ip prefix-list RUTAS-BGP seq 5 permit 210.0.0.0/30
ip prefix-list RUTAS-BGP seq 10 permit 220.0.0.0/30
ip prefix-list RUTAS-BGP seq 15 permit 8.8.8.8/32
ip prefix-list RUTAS-BGP seq 20 permit 4.4.4.4/32
!
ip prefix-list RUTAS-IGP seq 5 deny 0.0.0.0/0 le 32
!
route-map EIGRP deny 10
match ip address RUTA-EIGRP
!
route-map EIGRP permit 20
!
route-map BGP permit 10
match ip address prefix-list RUTAS-BGP
set metric 50
!
route-map IGP permit 10
match ip address prefix-list RUTAS-BGP
set metric 1544 2000 255 1 1500
!
!
!
control-plane
!
!
!
!
!
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
transport input none
!
!
end

Router ISP=============================================================================================
hostname ISP
!
boot-start-marker
boot-end-marker
!
aqm-register-fnf
!
no logging console
!
no aaa new-model
clock timezone CET 1 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
!


!
!
!
!
ip cef
ipv6 unicast-routing
ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 8.8.8.8 255.255.255.255
!
interface Ethernet0/0
ip address 210.0.0.2 255.255.255.252
!
interface Ethernet0/1
ip address 220.0.0.1 255.255.255.252
!
interface Ethernet0/2
no ip address
shutdown
!
interface Ethernet0/3
no ip address
shutdown
!
router bgp 100
bgp log-neighbor-changes
network 8.8.8.8
network 8.8.8.8 mask 255.255.255.255
neighbor 210.0.0.1 remote-as 200
neighbor 220.0.0.2 remote-as 300
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 210.0.0.1
ip route 0.0.0.0 0.0.0.0 220.0.0.2
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
transport input none
!
!
end

Router CENTRAL=================================================================================

hostname CENTRAL
!
boot-start-marker
boot-end-marker
!
aqm-register-fnf
!
no logging console
!
no aaa new-model
clock timezone CET 1 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
!


!
!
ip dhcp pool VLAN10
network 172.16.10.0 255.255.255.0
default-router 172.16.10.254
dns-server 8.8.8.8
!
ip dhcp pool VLAN20
network 172.16.20.0 255.255.255.0
default-router 172.16.20.254
dns-server 8.8.8.8
!
ip dhcp pool VLAN30
network 172.16.30.0 255.255.255.0
default-router 172.16.30.254
dns-server 8.8.8.8
!
!
!
ip cef
ipv6 unicast-routing
ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Ethernet0/0
no ip address
shutdown
!
interface Ethernet0/1
ip address 192.168.31.3 255.255.255.0
ip ospf dead-interval 80
ip ospf hello-interval 20
ip ospf 1 area 0
!
interface Ethernet0/2
ip address 192.168.23.3 255.255.255.0
ip ospf dead-interval 80
ip ospf hello-interval 20
ip ospf 1 area 0
!
interface Ethernet0/3
ip address 192.168.43.3 255.255.255.0
!
!
router eigrp TSHOOT
!
address-family ipv4 unicast autonomous-system 10
!
topology base
redistribute ospf 1 metric 10000 1000 255 1 1500 route-map OSPF
exit-af-topology
network 192.168.43.0
exit-address-family
!
router ospf 1
router-id 3.3.3.3
redistribute eigrp 10 subnets route-map EIGRP
network 3.3.3.3 0.0.0.0 area 0
network 23.23.23.3 0.0.0.0 area 0
network 31.31.31.3 0.0.0.0 area 0
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 192.168.43.4
!
!
route-map OSPF permit 10
match ip address OSPF
set metric 20
set metric-type type-1
!
route-map EIGRP permit 10
set metric 1544 2000 255 1 1500
!
!
!
control-plane
!
!
!
!
!
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
transport input none
!
!
end


Router SUR=============================================================================

hostname SUR
!
boot-start-marker
boot-end-marker
!
aqm-register-fnf
!
no logging console
!
no aaa new-model
clock timezone CET 1 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
fhrp version vrrp v3
!
!
!
!
!
!


!
!
!
!
ip cef
ipv6 unicast-routing
ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback2
ip address 2.2.2.2 255.255.255.255
ipv6 address 2021:ACAD:ACAD:2::2/128
!
interface Tunnel0
no ip address
no ip redirects
ipv6 address 2021:ACAD:ACAD:100::2/64
tunnel source Ethernet0/2
tunnel mode ipv6ip 6to4
!
interface Ethernet0/0
no ip address
ip helper-address 192.168.23.3
!
interface Ethernet0/0.10
encapsulation dot1Q 10
ip address 172.16.10.2 255.255.255.0
ip helper-address 192.168.23.3
vrrp 10 address-family ipv4
priority 110
track 1 decrement 20
address 172.16.10.254 primary
exit-vrrp
!
interface Ethernet0/0.20
encapsulation dot1Q 20
ip address 172.16.20.2 255.255.255.0
ip helper-address 192.168.23.3
vrrp 20 address-family ipv4
priority 150
track 1 decrement 20
address 172.16.20.254 primary
exit-vrrp
!
interface Ethernet0/0.30
encapsulation dot1Q 30
ip address 172.16.30.2 255.255.255.0
ip helper-address 192.168.23.3
vrrp 30 address-family ipv4
priority 150
track 1 decrement 20
address 172.16.30.254 primary
exit-vrrp
!
interface Ethernet0/1
no ip address
shutdown
!
interface Ethernet0/2
ip address 192.168.23.2 255.255.255.0
ip helper-address 192.168.23.3
ip ospf dead-interval 80
ip ospf hello-interval 20
!
interface Ethernet0/3
no ip address
shutdown
!
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 172.16.10.2 0.0.0.0 area 0
network 172.16.20.2 0.0.0.0 area 0
network 172.16.30.2 0.0.0.0 area 0
network 192.168.23.2 0.0.0.0 area 0
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
transport input none
!
!
end

Router NORTE ==============================================================================

hostname NORTE
!
boot-start-marker
boot-end-marker
!
aqm-register-fnf
!
no logging console
!
no aaa new-model
clock timezone CET 1 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
fhrp version vrrp v3
!
!
!
!
!
!


!
!
!
!
ip cef
ipv6 unicast-routing
ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback1
ip address 1.1.1.1 255.255.255.255
ipv6 address 2021:ACAD:ACAD:1::1/128
!
interface Tunnel0
no ip address
no ip redirects
ipv6 address 2021:ACAD:ACAD:100::1/64
tunnel source Ethernet0/1
tunnel mode ipv6ip 6to4
!
interface Ethernet0/0
no ip address
ip helper-address 192.168.31.3
!
interface Ethernet0/0.10
encapsulation dot1Q 10
ip address 172.16.10.1 255.255.255.0
ip helper-address 192.168.31.3
vrrp 10 address-family ipv4
priority 150
track 1 decrement 20
address 172.16.10.254 primary
exit-vrrp
!
interface Ethernet0/0.20
encapsulation dot1Q 20
ip address 172.16.20.1 255.255.255.0
ip helper-address 192.168.31.3
vrrp 20 address-family ipv4
priority 110
track 1 decrement 20
address 172.16.20.254 primary
exit-vrrp
!
interface Ethernet0/0.30
encapsulation dot1Q 30
ip address 172.16.30.1 255.255.255.0
ip helper-address 192.168.31.3
vrrp 30 address-family ipv4
priority 110
track 1 decrement 20
address 172.16.30.254 primary
exit-vrrp
!
interface Ethernet0/1
ip address 192.168.31.1 255.255.255.0
ip helper-address 192.168.31.3
ip ospf dead-interval 80
ip ospf hello-interval 20
!
interface Ethernet0/2
no ip address
shutdown
!
interface Ethernet0/3
no ip address
shutdown
!
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 172.16.10.1 0.0.0.0 area 0
network 172.16.20.1 0.0.0.0 area 0
network 172.16.30.1 0.0.0.0 area 0
network 192.168.31.1 0.0.0.0 area 0
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 192.168.31.3
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
transport input none
!
!
end

EDGE PC =============================================================================================

hostname PC
!
boot-start-marker
boot-end-marker
!
aqm-register-fnf
!
!
no aaa new-model
clock timezone CET 1 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
!


!
!
!
!
ip host www.caso1.cl 8.8.8.8
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 4.4.4.4 255.255.255.255
!
interface Ethernet0/0
mac-address 00fa.1234.5678
ip address dhcp client-id Ethernet0/0 hostname PC
!
interface Ethernet0/1
ip address 220.0.0.2 255.255.255.252
!
interface Ethernet0/2
no ip address
shutdown
!
interface Ethernet0/3
no ip address
shutdown
!
router bgp 300
bgp router-id 3.3.3.3
bgp log-neighbor-changes
network 4.4.4.4 mask 255.255.255.255
neighbor 220.0.0.1 remote-as 100
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 220.0.0.1
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
transport input none
!
!
end

SW2 =======================================================================================

hostname SW2
!
boot-start-marker
boot-end-marker
!
!
no logging console
!
no aaa new-model
clock timezone CET 1 0
!
!
!
!
!
vtp mode transparent
!
!
!
ip dhcp snooping vlan 10,20,30
no ip dhcp snooping information option
ip dhcp snooping
ip cef
ipv6 multicast rpf use-bgp
no ipv6 cef
!
!
!
spanning-tree mode mst
spanning-tree extend system-id
!
spanning-tree mst configuration
name CASO3
revision 1
instance 1 vlan 10
instance 2 vlan 20, 30
!
!
!
vlan 10
name ROUTE
!
vlan 20
name SWITCH
!
vlan 30
name TSHOOT
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Port-channel3
no switchport
ip address 172.16.100.1 255.255.255.0
!
interface Port-channel5
switchport trunk allowed vlan 10,20,30
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Ethernet0/0
switchport trunk allowed vlan 10,20,30
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Ethernet0/1
no switchport
no ip address
channel-group 3 mode auto
!
interface Ethernet0/2
no switchport
no ip address
channel-group 3 mode auto
!
interface Ethernet0/3
switchport access vlan 10
switchport mode access
switchport port-security mac-address sticky
switchport port-security mac-address sticky aabb.cc00.0930
switchport port-security
spanning-tree portfast edge
spanning-tree bpduguard enable
ip dhcp snooping trust
!
interface Ethernet1/0
switchport trunk allowed vlan 10,20,30
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 5 mode active
!
interface Ethernet1/1
switchport trunk allowed vlan 10,20,30
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 5 mode active
!
interface Ethernet1/2
!
interface Ethernet1/3
!
ip forward-protocol nd
!
no ip http server
!
ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr
ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr
!
!
!
!
!
control-plane
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
!
!
!
end

SW1 ============================================================================================


hostname SW1
!
boot-start-marker
boot-end-marker
!
!
no logging console
!
no aaa new-model
clock timezone CET 1 0
!
!
!
!
!
vtp mode transparent
!
!
!
ip cef
ipv6 multicast rpf use-bgp
no ipv6 cef
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
spanning-tree mst configuration
name CASO3
revision 1
instance 1 vlan 10
instance 2 vlan 20, 30
!
!
!
vlan 10
name ROUTE
!
vlan 20
name SWITCH
!
vlan 30
name TSHOOT
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Port-channel1
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Port-channel5
switchport trunk allowed vlan 10,20,30
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Ethernet0/0
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
switchport access vlan 20
switchport mode access
switchport port-security mac-address sticky
switchport port-security mac-address 0000.aaaa.bbbb
switchport port-security
spanning-tree portfast edge
spanning-tree bpduguard enable
!
interface Ethernet1/0
switchport trunk allowed vlan 10,20,30
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 5 mode passive
!
interface Ethernet1/1
switchport trunk allowed vlan 10,20,30
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 5 mode passive
!
interface Ethernet1/2
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 1 mode on
!
interface Ethernet1/3
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 1 mode on
!
ip forward-protocol nd
!
no ip http server
!
ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr
ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr
!
!
!
!
!
control-plane
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
!
!
!
end

SW3 ===============================================================================================

hostname SW3
!
boot-start-marker
boot-end-marker
!
!
no logging console
!
no aaa new-model
clock timezone CET 1 0
!
!
!
!
!
vtp mode transparent
!
!
!
ip dhcp snooping vlan 10,20,30
no ip dhcp snooping information option
ip dhcp snooping
ip cef
ipv6 multicast rpf use-bgp
no ipv6 cef
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
spanning-tree mst configuration
name CASO3
revision 1
instance 1 vlan 10
instance 2 vlan 20, 30
!
!
!
vlan 10
name ROUTE
!
vlan 20
name SWITCH
!
vlan 30
name TSHOOT
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Port-channel1
ip dhcp snooping trust
!
interface Port-channel3
no switchport
ip address 172.16.100.2 255.255.255.0
!
interface Ethernet0/0
switchport trunk allowed vlan 10,20,30
switchport trunk encapsulation dot1q
switchport mode trunk
ip dhcp snooping trust
!
interface Ethernet0/1
no switchport
no ip address
channel-group 3 mode desirable
!
interface Ethernet0/2
no switchport
no ip address
channel-group 3 mode desirable
!
interface Ethernet0/3
switchport access vlan 30
switchport mode access
switchport port-security maximum 3
switchport port-security mac-address sticky
switchport port-security mac-address sticky aabb.cc00.0a30
switchport port-security
spanning-tree portfast edge
spanning-tree bpduguard enable
!
interface Ethernet1/0
!
interface Ethernet1/1
!
interface Ethernet1/2
channel-group 1 mode on
ip dhcp snooping trust
!
interface Ethernet1/3
channel-group 1 mode on
ip dhcp snooping trust
!
ip forward-protocol nd
!
no ip http server
!
ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr
ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr
!
!
!
!
!
control-plane
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
!
!
!
end

topologia.PNG

Etiquetas:
0 Útil
1 SOLUCIÓN ACEPTADA

Soluciones aceptadas

Ir a solución
luis_cordova
VIP Alumni
VIP Alumni

el ‎10-25-2023 07:25 PM

Hola

A simple vista, veo algunos temas relacionados con IP DHCP Snooping.

El comando trust debe estar presente en las interfaces del switch que reciben la respuesta del servidor DHCP (paquete Offer) y también probaría colocando el comando en las interfaces que van hacia los PC.

En tu caso, por lo que llego a entender en tu topología sería en estas interfaces:

SW1

Po1, Po5 y E0/3

SW2

Po3, Po5, E0/0 y E0/3

SW3

Po1, Po3, E0/0 y E0/3

Prueba con eso para descartar.

Saludos

Ver la solución en mensaje original publicado

5 RESPUESTAS 5

Ir a solución
Ciro G Mele
Level 1
Level 1

el ‎10-25-2023 03:42 PM

Hola,

Hay algún firewall que te hayas olvidado...

Gracias.

Saludos.

Ciro Gustavo Mele

0 Útil

Ir a solución
Gordon Freeman1
Level 1
Level 1
En respuesta a Ciro G Mele

‎10-25-2023 04:39 PM - editado ‎10-25-2023 04:39 PM

Hola, estoy configurando en simulación IOU Web, al menos durante los 2 años configurando ahí nunca he tenido que tocar las reglas de firewall, en otras topologías no he tenido problemas.

0 Útil

Ir a solución
luis_cordova
VIP Alumni
VIP Alumni

el ‎10-25-2023 07:25 PM

Hola

A simple vista, veo algunos temas relacionados con IP DHCP Snooping.

El comando trust debe estar presente en las interfaces del switch que reciben la respuesta del servidor DHCP (paquete Offer) y también probaría colocando el comando en las interfaces que van hacia los PC.

En tu caso, por lo que llego a entender en tu topología sería en estas interfaces:

SW1

Po1, Po5 y E0/3

SW2

Po3, Po5, E0/0 y E0/3

SW3

Po1, Po3, E0/0 y E0/3

Prueba con eso para descartar.

Saludos

Ir a solución
Gordon Freeman1
Level 1
Level 1
En respuesta a luis_cordova

el ‎10-25-2023 07:54 PM

Hola, efectivamente era la configuracion de DHCP Snooping, faltaba el trust en los Port-Channel y basto con apagar y prender las interfaces de los PCs a los Switches. Muchas Gracias!

0 Útil

Ir a solución
Jimena Saez
Community Manager
Community Manager
En respuesta a luis_cordova

el ‎10-27-2023 04:41 PM

Muchas gracias @luis_cordova por tu ayuda! 

Todas las soluciones nos ayudan a mejorar la comunidad... Saludos a todos

0 Útil

Navegue y encuentre contenido personalizado de la comunidad

Videos de R&S Documentos de R&S Blogs de R&S
Customers Also Viewed These Support Documents