Solved: Re: Another Big DHCP issue with CUCM

Bitcoin · ‎03-13-2020

Ladies and Gents,

Situation: As of today my CUCM (seemingly) has stopped issuing IP addresses. Here's what I now for sure:

- CUCM Version 11.5.1.14900-11

- ISE 2.3.0.298

Simple topology. Mesh. Network devices are connected to access switches on their own VLAN. These switches are trunked to Core devices(Layer 3) that maintain the VE's for each VLAN. VLAN's are not traversing across the layer three devices. These devices have the ip helper-address of both the ISE server and the appropriate Call Manager for the DHCP clients.

We have five CM's in this Cluster. Two are being used as points to retrieve IP addresses.

The architecture is very simple. Each VLAN has a /24 address space.

- sh auth session's are 'auth' for devices

- I increased the scope in the DHCP server for the VLAN I am trying to use as well as the first VLAN that seemed to show the problem. example XXX.XXX.50.1/23 from XXX.XXX.50.1/24 and just added another set addresses to the entry in the Call Manager so it rolls over from 50.255 to 51.0.

- There are 1700 devices in total.

- No major changes to the network have occurred in the past year.

- Our ISE server COULD definitely be an issue in this as it is not on the approved product from Cisco and has some definite issues

- Many issues like this have been "resolved" by restarting the UCS device these CUCM's are hosted on. (I would not like to do that).

- IP Phones are requesting DHCP services and giving the status message "IPv4 DHCP Timeout"

- I stopped and started DHCP service in Serviceability.

- Everything is Cisco

- Phones are 8800 series

DHCP Subnet Information is as such:

Subnet IPv4 Address: XXX.XXX.50.0

Primary Start IPV4 Address XXX.XXX.50.2

Primary End IPv4 Address XXX.XXX.51.254

Primary Router IPv4 Address XXX.XXX.50.1

IPv4 Subnet Mask 255.255.254.0

Then all the DNS, TFTP, etc is correct.

ARP Cache Timeout: 30

IP Address Lease TIme: 2592000

Renewal(T1) Time: 1296000

Rebinding (T2) Time: 2203200

I inherited this network 4 months ago but have been around for a year. Until today there did not seem to be any issue with DHCP and ISE and still does not seem to be an issue.

I have scoured the forums and have tried to look at the basic things. From eliminating 802.1x from the port. To ensuring they are manually input into ISE. Changing VLANs...using known good phones. ETC...

I am hoping one of you CUCM Gods can point out the easy thing I overlooked!

4qbuddy · ‎10-25-2021

Hi there

Appreciate this is 18 months too late but I thought I would comment for anyone else searching.

As the guy above says, cucm is not a good dhcp server. I have issues with it all the time, and restarting the service rarely works. I find the only reliable way is to delete the pool and re-add it. This, of course, is neither sustainable or acceptable.

I hope you got sorted!

View solution in original post

Roger Kallberg · ‎03-14-2020

Not an answer to your question or problem with DHCP in CUCM, but my best advice to you would be to stop using CUCM as your DHCP server. It’s not really the primary use case for it. You would be much better off if you define your voice vlan DHCP scope in any other DHCP server. For example the one you likely have for handling IP addresses out to computer clients. In the scope(s) for voice vlan just make sure you add option 150 for the TFTP server(s) so that the phones knows where to get the configuration from. Then change the ip helper on the voice vlan to point to this DHCP server.

4qbuddy · ‎10-25-2021

Hi there

Appreciate this is 18 months too late but I thought I would comment for anyone else searching.

As the guy above says, cucm is not a good dhcp server. I have issues with it all the time, and restarting the service rarely works. I find the only reliable way is to delete the pool and re-add it. This, of course, is neither sustainable or acceptable.

I hope you got sorted!

Roger Kallberg · ‎10-25-2021

@Bitcoin May I ask what was different in @4qbuddy reply that made you mark that as an solution but not mine?