Remote DHCP issues

Brett S
Level 1

Greetings all. Upfront, I'm a beginner at best with a homelab, so you know where my skillset is at. I've been around networks for a while, just never worked on them beyond the off the shelf stuff. I started to take my CCNA a few years ago, passed the first test, but never went back (life, work, family, etc). So I'm not unfamiliar with them, and I think I understand fundamentals (maybe).

The issue I'm having right now is trying to get IP leases from remote DHCP's.

My equipment

MikroTik RB4011 router (where I want the DHCP servers)

Cisco 3560X 48 PoE+ w/ the 10Gig module

A Unifi AP AC Pro

Dell R630 running some VM's

The SFP+ port on the MikroTik and 3560X are in a routed, no switchport, non-trunk mode

I had originally thought my issue was on the RB4011. The Cisco is setup to do Inner VLan routing, and it's doing it perfectly (a network buddy of mine helped me set it all up, teaching me a few things along the way). The RB's only job is to connect ether 1 to my modem/internet and the SFP+ to one of the 10G uplinks on the switch. Works great. We did not do RoaS as I wanted the switch to do all the heavy lifting for inner routing, leaving the router to worry about firewall, passing traffic to the internet, and DHCP services for the VLans. Everything in my house is connected to the 3560X. With the exception of a couple items, we currently have everything in VLan 1 just to keep it simple until I get the DHCP issue sorted. My gear (eg; the Dell R630, the AP, my desktop) are all in another VLan (150) and all working perfectly.

VLan 1 and 150 are using the Cisco as their DHCP. VLan 165 is my "test bed", a laptop. I will end up with 5 VLans when all is done.

My intent had been to use the MikroTik as a DHCP, and even though everyone on VLan 1 and 150 could ping each other, get out to the internet, etc., I couldn't pull IP's on VLan 165 (ip helper-address was pointing to the IP on the MT, and packet sniffer could see traffic). I static assigned an IP to the test laptop in VLan 165 and it worked great, so it's not a routing issue. After researching for the last week, I finally gave up on the MT and decided I would go ahead and use my Unifi controller as the DHCP server. I configured it, pointed the ip helper at it and voilà - nothing.

Same issue. Can talk to it all day, can talk from it, but no IP's are being issued.

None of the DHCP's are on the same subnet, but from what I gather, that doesn't matter so long as the ip helper is pointing to the correct IP that's running the DHCP?

Is there a possibility the request is being blocked? Is there a config setting I need to turn on? I checked the Cisco documentation for relays and found nothing other than the ip helper, which again, seems to do its job of sending out (every time I did an ipconfig /renew on the laptop, packet sniffer on the MT count would go up, then stop when the laptop would give up).

I'm attaching my config, vlan, and ip route. I believe I redacted all the important stuff.

If anyone can give me any clues. At this point I don't know if I need to be looking at the MikroTik, the Unifi Controller, the Cisco, or all three. My buddy tries to help where he can, but he's a seriously busy man with young young'ns, so I try very hard not to bother him. I'm at a total loss.

One last note, I'm definitely not asking anyone to spoon feed me answers, but I know so little that at this point, I don't know if what I'm trying to do will even work. If someone could tell me that I'm banging my head on the wall for nothing, I'll stop, give in, and go the RoaS route (no pun). And if it can be done, just tell me what I need to read up on/look at, the key points to watch for.

 

If you made it here, thank you for taking the time to listen to my plea lol. If you offer up any answers/suggestions, right, wrong, whatever, I thank you for trying to help.

 

Brett "Swany" S.

 

**edited for clarification**

**edited to add a screen shot of the MikroTik config for DHCP in case anyone also speaks MT**


Looks as if I spoke too soon. It did start handing out IPs, but when I added other pools to the DHCP server, it just kept handing out the same one over and over, even if I flushed the dns from the laptop. So I am back at square one, and I honestly don't know how much more energy I can spend on this.

Brett S
Level 1

I now have a 95% satisfactory resolution.

Configure all VLan's and VLan SVI's on the Cisco

On the Cisco, set the ip helper-address to the router interface on the SFP+ link

On the MikroTik build a DHCP server for each VLan you want to pull an IP

In the Relay option within the DHCP server options, set it to the gateway IP of the VLan on the Cisco. When the Cisco forwards the dhcp broadcast request, it sends it with the VLan gateway IP as the return. Which, if you only have one VLan/Network, you can actually set it to the broadcast, 255.255.255.255. If you have 2 or more, you need to use the gateway IP (I hope I'm explaining this well)

The important part (at least for me), and why it's only 95% and not 100% - You need to uncheck the Conflict Detection option. For me, it's what was causing the pools to exhaust because it was thinking the IP/ARP was in use. Once I did that, it would hand out IP's. This can lead to issues down the road when needing to troubleshoot because if a system has an ip of 192.168.1.10 for whatever reason (static set, assigned by DHCP) and your DHCP isn't tracking it (reserve the IP on the DHCP server, DHCP server reboots, loses all track of IPs assigned, etc), it will just gladly hand out the same IP address again.

Until I can figure out what exactly is going on with the ARP messages, this will suffice for now. It gives me my GUI so I can see everything easily at a glance, will allow me to plug in new devices and let them be discovered, etc. For my use case, this solution is an acceptable temporary solution as most of my devices will end up with statics (but not all) and I can reserve those off to the side in DHCP or just not allow them into the pool again.

Again, not a 100%, but a good enough for now (especially given all the time I've already put in to this issue and ignored other things going on that need my focus, both network and home)

Thank you guys for trying to help. It honestly was and is appreciated.
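
Added example, not part of the original post and not MikroTik or Cisco code: a simplified Python model of how the relay-filled giaddr field (the "VLan gateway IP" the post describes the Cisco sending) lets a DHCP server decide which per-VLAN server should answer. The addresses, server names and the matching rule in `select_server` are constructed assumptions for illustration.

```python
import ipaddress
import struct

# BOOTP fixed header (RFC 2131): op, htype, hlen, hops, xid, secs, flags,
# ciaddr, yiaddr, siaddr, giaddr, chaddr[16], sname[64], file[128] = 236 bytes
BOOTP = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")
MAGIC = bytes([99, 130, 83, 99])           # DHCP magic cookie
ANY_RELAY = ipaddress.IPv4Address("255.255.255.255")
DIRECT = ipaddress.IPv4Address("0.0.0.0")  # giaddr of an unrelayed request

def build_relayed_discover(giaddr, mac="02:00:00:00:00:01"):
    """Constructed DHCPDISCOVER as it looks after a relay filled in giaddr."""
    chaddr = bytes.fromhex(mac.replace(":", "")).ljust(16, b"\x00")
    hdr = BOOTP.pack(1, 1, 6, 1, 0x1234ABCD, 0, 0x8000, bytes(4), bytes(4),
                     bytes(4), ipaddress.IPv4Address(giaddr).packed,
                     chaddr, bytes(64), bytes(128))
    return hdr + MAGIC + bytes([53, 1, 1, 255])  # option 53 = DISCOVER, end

def parse_giaddr(packet):
    """Return the relay agent address (giaddr) of a BOOTREQUEST."""
    cookie = packet[BOOTP.size:BOOTP.size + 4]
    if len(packet) < BOOTP.size + 4 or cookie != MAGIC:
        raise ValueError("not a DHCP packet")
    fields = BOOTP.unpack_from(packet)
    if fields[0] != 1:
        raise ValueError("not a BOOTREQUEST")
    return ipaddress.IPv4Address(fields[10])

def select_server(servers, packet):
    """Assumed rule: exact relay match first, then a catch-all for relayed requests."""
    giaddr = parse_giaddr(packet)
    for name, relay in servers:
        if ipaddress.IPv4Address(relay) == giaddr:
            return name
    if giaddr != DIRECT:
        for name, relay in servers:
            if ipaddress.IPv4Address(relay) == ANY_RELAY:
                return name
    return None

# Constructed per-VLAN servers keyed on the SVI (gateway) address of each VLAN.
PER_VLAN = [("dhcp-vlan150", "10.0.150.1"), ("dhcp-vlan165", "10.0.165.1")]
# Constructed catch-all setup: only unambiguous when there is a single VLAN.
CATCH_ALL = [("dhcp-vlan150", "255.255.255.255"), ("dhcp-vlan165", "255.255.255.255")]

if __name__ == "__main__":
    for gw in ("10.0.150.1", "10.0.165.1"):
        pkt = build_relayed_discover(gw)
        print(gw, select_server(PER_VLAN, pkt), select_server(CATCH_ALL, pkt))
```

In this model, requests relayed from either VLAN land on the first catch-all server, while the per-gateway entries separate them.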
