12-10-2017 02:50 PM - edited 03-05-2019 09:37 AM
Hello.
I have a very weird issue with the DHCP client (Saw on 1941 and 2021 on IOS 15)
Every time I restart my router, to get new IP's from my ISP through DHCP, I need to do on the WAN interface the following :
ip dhcp client authentication mode token <Wait for a DHCP request to be fired and fail> no ip dhcp client authentication mode <Wait for a DHCP request to be fired and work>
There are some debug logs after a boot :
~ ssh 192.168.88.1 Password: esscg-2921-1 line 388 esscg-2921-1#sh ip int gi0/0.832 GigabitEthernet0/0.832 is up, line protocol is up Internet address will be negotiated using DHCP Broadcast address is 255.255.255.255 MTU is 1500 bytes Helper address is not set Directed broadcast forwarding is disabled Outgoing access list is ipv4-internet-out Inbound access list is ipv4-internet-in Proxy ARP is enabled Local Proxy ARP is disabled Security level is default Split horizon is enabled ICMP redirects are always sent ICMP unreachables are always sent ICMP mask replies are never sent IP fast switching is enabled IP fast switching on the same interface is enabled IP Flow switching is disabled IP CEF switching is enabled IP CEF switching turbo vector IP multicast fast switching is enabled IP multicast distributed fast switching is disabled IP route-cache flags are Fast, CEF Router Discovery is disabled IP output packet accounting is disabled IP access violation accounting is disabled TCP/IP header compression is disabled RTP/IP header compression is disabled Policy routing is disabled Network address translation is enabled, interface in domain outside BGP Policy Mapping is disabled Input features: Common Flow Table, Stateful Inspection, Virtual Fragment Reassembly, Access List, Virtual Fragment Reassembly After IPSec Decryption, NAT Outside, MCI Check Output features: Post-routing NAT Outside, Common Flow Table, Stateful Inspection, Firewall (NAT), Access List, Firewall (inspect), NAT ALG proxy IPv4 WCCP Redirect outbound is disabled IPv4 WCCP Redirect inbound is disabled IPv4 WCCP Redirect exclude is disabled Outgoing inspection rule is default Inbound inspection rule is default esscg-2921-1#sh run int gi0/0.832 Building configuration... Current configuration : 577 bytes ! interface GigabitEthernet0/0.832 description ORANGE - DATA encapsulation dot1Q 832 ip ddns update hostname xxx.ddns.net ip ddns update noip ip address dhcp ip access-group ipv4-internet-in in ip access-group ipv4-internet-out out ip nat outside ip inspect default in ip inspect default out ip virtual-reassembly in ipv6 address dhcp ipv6 address autoconfig ipv6 enable ipv6 nd autoconfig prefix ipv6 nd autoconfig default-route ipv6 dhcp client pd orange-pd ipv6 inspect default in ipv6 inspect default out ipv6 traffic-filter ipv6-internet-in in end esscg-2921-1#conf t Enter configuration commands, one per line. End with CNTL/Z.
esscg-2921-1(config)#int gi0/0.832
esscg-2921-1(config-subif)#ip dhcp client authentication mode token
esscg-2921-1#debug dhcp detail
DHCP client activity debugging is on (detailed)
000067: 00:03:54: DHCP: SDiscover attempt # 2 for entry:
000068: 00:03:54: Temp IP addr: 0.0.0.0 for peer on Interface: GigabitEthernet0/0.832
000069: 00:03:54: Temp sub net mask: 0.0.0.0
000070: 00:03:54: DHCP Lease server: 0.0.0.0, state: 3 Selecting
000071: 00:03:54: DHCP transaction id: 1DE
000072: 00:03:54: Lease: 0 secs, Renewal: 0 secs, Rebind: 0 secs
000073: 00:03:54: Next timer fires after: 00:00:04
000074: 00:03:54: Retry count: 2 Client-ID: cisco-1c6a.7a2c.7670-Gi0/0.832
000075: 00:03:54: Client-ID hex dump: 636973636F2D316336612E376132632E
000076: 00:03:54: 373637302D4769302F302E383332
000077: 00:03:54: Hostname: xxx.ddns.net
000078: 00:03:54: DHCP: SDiscover placed class-id option: 636973636F706E70
000079: 00:03:54: DHCP: SDiscover: sending 318 byte length DHCP packet
000080: 00:03:54: DHCP: SDiscover 318 bytes
000081: 00:03:54: B'cast on GigabitEthernet0/0.832 interface from 0.0.0.0
000082: 00:03:54: DHCP: Received a BOOTREP pkt
000083: 00:03:54: DHCP: Scan: Message type: DHCP Offer
000084: 00:03:54: DHCP: Scan: Server ID Option: 81.52.127.254 = 51347FFE
000085: 00:03:54: DHCP: Scan: Lease Time: 86400
000086: 00:03:54: DHCP: Scan: Subnet Address Option: 255.255.252.0
000087: 00:03:54: DHCP: Scan: Router Option: 123.123.191.254
000088: 00:03:54: DHCP: Scan: DNS Name Server Option: 62.36.225.150, 62.37.228.20
000089: 00:03:54: DHCP: Scan: Rebind time: 75600
000090: 00:03:54: DHCP: Scan: Renewal time: 43200
000091: 00:03:54: DHCP: Scan: Token Authen Message Option:
000092: 00:03:54: DHCP: Scan: Domain Name: orange.es
000093: 00:03:54: DHCP: rcvd pkt source: 123.123.191.254, destination: 255.255.255.255
000094: 00:03:54: UDP sport: 43, dport: 44, length: 338
000095: 00:03:54: DHCP op: 2, htype: 1, hlen: 6, hops: 0
000096: 00:03:54: DHCP server identifier: 81.52.127.254
000097: 00:03:54: xid: 1DE, secs: 3, flags: 8000
000098: 00:03:54: client: 0.0.0.0, your: 123.123.188.32
000099: 00:03:54: srvr: 81.52.127.254, gw: 90.74.0.254
000100: 00:03:54: options block length: 90
000101: 00:03:54: DHCP Offer Message Offered Address: 123.123.188.32
000102: 00:03:54: DHCP: Lease Seconds: 86400 Renewal secs: 43200 Rebind secs: 75600
000103: 00:03:54: DHCP: Server ID Option: 81.52.127.254
000104: 00:03:54: DHCP: No authen config but message has authen info - protocol 0 algorithm 0
%Unknown DHCP problem.. No allocation possible
esscg-2921-1(config)#int gi0/0.832
esscg-2921-1(config-subif)#no ip dhcp client authentication mode
000147: 00:04:11: DHCP: Waiting for 10 seconds on interface GigabitEthernet0/0.832
000148: 00:04:21: DHCP: Try 3 to acquire address for GigabitEthernet0/0.832
000149: 00:04:21: DHCP: No configured hostname - not including Hostname option
000150: 00:04:21: DHCP: allocate request
000151: 00:04:21: DHCP: zapping entry in DHC_PURGING state for Gi0/0.832
000152: 00:04:21: DHCP: deleting entry 2975E0D8 0.0.0.0 from list
000153: 00:04:21: Temp IP addr: 0.0.0.0 for peer on Interface: GigabitEthernet0/0.832
000154: 00:04:21: Temp sub net mask: 0.0.0.0
000155: 00:04:21: DHCP Lease server: 0.0.0.0, state: 11 Purging
000156: 00:04:21: DHCP transaction id: 1DE
000157: 00:04:21: Lease: 0 secs, Renewal: 0 secs, Rebind: 0 secs
000158: 00:04:21: Next timer fires after: 00:00:21
000159: 00:04:21: Retry count: 0 Client-ID: cisco-1c6a.7a2c.7670-Gi0/0.832
000160: 00:04:21: Client-ID hex dump: 636973636F2D316336612E376132632E
000161: 00:04:21: 373637302D4769302F302E383332
000162: 00:04:21: Hostname: xxx.ddns.net
000163: 00:04:21: DHCP: new entry. add to queue, interface GigabitEthernet0/0.832
000164: 00:04:21: DHCP: SDiscover attempt # 1 for entry:
000165: 00:04:21: Temp IP addr: 0.0.0.0 for peer on Interface: GigabitEthernet0/0.832
000166: 00:04:21: Temp sub net mask: 0.0.0.0
000167: 00:04:21: DHCP Lease server: 0.0.0.0, state: 3 Selecting
000168: 00:04:21: DHCP transaction id: 1DF
000169: 00:04:21: Lease: 0 secs, Renewal: 0 secs, Rebind: 0 secs
000170: 00:04:21: Next timer fires after: 00:00:04
000171: 00:04:21: Retry count: 1 Client-ID: cisco-1c6a.7a2c.7670-Gi0/0.832
000172: 00:04:21: Client-ID hex dump: 636973636F2D316336612E376132632E
000173: 00:04:21: 373637302D4769302F302E383332
000174: 00:04:21: Hostname: xxx.ddns.net
000175: 00:04:21: DHCP: SDiscover placed class-id option: 636973636F706E70
000176: 00:04:21: DHCP: SDiscover: sending 318 byte length DHCP packet
000177: 00:04:21: DHCP: SDiscover 318 bytes
000178: 00:04:21: B'cast on GigabitEthernet0/0.832 interface from 0.0.0.0
000179: 00:04:21: DHCP: Received a BOOTREP pkt
000180: 00:04:21: DHCP: Scan: Message type: DHCP Offer
000181: 00:04:21: DHCP: Scan: Server ID Option: 81.52.127.254 = 51347FFE
000182: 00:04:21: DHCP: Scan: Lease Time: 86400
000183: 00:04:21: DHCP: Scan: Subnet Address Option: 255.255.252.0
000184: 00:04:21: DHCP: Scan: Router Option: 123.123.191.254
000185: 00:04:21: DHCP: Scan: DNS Name Server Option: 62.36.225.150, 62.37.228.20
000186: 00:04:21: DHCP: Scan: Rebind time: 75600
000187: 00:04:21: DHCP: Scan: Renewal time: 43200
000188: 00:04:21: DHCP: Scan: Token Authen Message Option:
000189: 00:04:21: DHCP: Scan: Domain Name: orange.es
000190: 00:04:21: DHCP: rcvd pkt source: 123.123.191.254, destination: 255.255.255.255
000191: 00:04:21: UDP sport: 43, dport: 44, length: 338
000192: 00:04:21: DHCP op: 2, htype: 1, hlen: 6, hops: 0
000193: 00:04:21: DHCP server identifier: 81.52.127.254
000194: 00:04:21: xid: 1DF, secs: 0, flags: 8000
000195: 00:04:21: client: 0.0.0.0, your: 123.123.188.32
000196: 00:04:21: srvr: 81.52.127.254, gw: 90.74.0.254
000197: 00:04:21: options block length: 90
000198: 00:04:21: DHCP Offer Message Offered Address: 123.123.188.32
000199: 00:04:21: DHCP: Lease Seconds: 86400 Renewal secs: 43200 Rebind secs: 75600
000200: 00:04:21: DHCP: Server ID Option: 81.52.127.254
000201: 00:04:21: DHCP: offer received from 81.52.127.254
000202: 00:04:21: DHCP: SRequest attempt # 1 for entry:
000203: 00:04:21: Temp IP addr: 123.123.188.32 for peer on Interface: GigabitEthernet0/0.832
000204: 00:04:21: Temp sub net mask: 255.255.252.0
000205: 00:04:21: DHCP Lease server: 81.52.127.254, state: 4 Requesting
000206: 00:04:21: DHCP transaction id: 1DF
000207: 00:04:21: Lease: 86400 secs, Renewal: 0 secs, Rebind: 0 secs
000208: 00:04:21: Next timer fires after: 00:00:03
000209: 00:04:21: Retry count: 1 Client-ID: cisco-1c6a.7a2c.7670-Gi0/0.832
000210: 00:04:21: Client-ID hex dump: 636973636F2D316336612E376132632E
000211: 00:04:21: 373637302D4769302F302E383332
000212: 00:04:21: Hostname: xxx.ddns.net
000213: 00:04:21: DHCP: SRequest- Server ID option: 81.52.127.254
000214: 00:04:21: DHCP: SRequest- Requested IP addr option: 123.123.188.32
000215: 00:04:21: DHCP: SRequest placed class-id option: 636973636F706E70
000216: 00:04:21: DHCP: SRequest: 330 bytes
000217: 00:04:21: DHCP: SRequest: 330 bytes
000218: 00:04:21: B'cast on GigabitEthernet0/0.832 interface from 0.0.0.0
000219: 00:04:22: DHCP: Received a BOOTREP pkt
000220: 00:04:22: DHCP: Scan: Message type: DHCP Ack
000221: 00:04:22: DHCP: Scan: Server ID Option: 81.52.127.254 = 51347FFE
000222: 00:04:22: DHCP: Scan: Lease Time: 86400
000223: 00:04:22: DHCP: Scan: Subnet Address Option: 255.255.252.0
000224: 00:04:22: DHCP: Scan: Router Option: 123.123.191.254
000225: 00:04:22: DHCP: Scan: DNS Name Server Option: 62.36.225.150, 62.37.228.20
000226: 00:04:22: DHCP: Scan: Rebind time: 75600
000227: 00:04:22: DHCP: Scan: Renewal time: 43200
000228: 00:04:22: DHCP: Scan: Token Authen Message Option:
000229: 00:04:22: DHCP: Scan: Domain Name: orange.es
000230: 00:04:22: DHCP: rcvd pkt source: 123.123.191.254, destination: 255.255.255.255
000231: 00:04:22: UDP sport: 43, dport: 44, length: 338
000232: 00:04:22: DHCP op: 2, htype: 1, hlen: 6, hops: 0
000233: 00:04:22: DHCP server identifier: 81.52.127.254
000234: 00:04:22: xid: 1DF, secs: 0, flags: 8000
000235: 00:04:22: client: 0.0.0.0, your: 123.123.188.32
000236: 00:04:22: srvr: 81.52.127.254, gw: 90.74.0.254
000237: 00:04:22: options block length: 90
000238: 00:04:22: DHCP Ack Message
000239: 00:04:22: DHCP: Lease Seconds: 86400 Renewal secs: 43200 Rebind secs: 75600
esscg-2921-1(config-subif)#
000240: 00:04:22: DHCP: Server ID Option: 81.52.127.254
esscg-2921-1(config-subif)#do sh
000241: 00:04:26: DHCP: Releasing ipl options:
000242: 00:04:26: DHCP: Applying DHCP options:
000243: 00:04:26: Setting default_gateway to 123.123.191.254
000244: 00:04:26: Adding default route 123.123.191.254
000245: 00:04:27: Adding route to DHCP server 81.52.127.254 via GigabitEthernet0/0.832 123.123.191.254
000246: 00:04:27: Adding DNS server address 62.36.225.150
000247: 00:04:27: Adding DNS server address 62.37.228.20
000248: 00:04:27: DHCP: Sending notification of ASSIGNMENT:
000249: 00:04:27: Address 123.123.188.32 mask 255.255.252.0
000250: 00:04:27: DHCP Client Pooling: ***Allocated IP address: 123.123.188.32
000251: 00:04:27: Allocated IP address = 123.123.188.32 255.255.252.0
And this keep hapenning at every restart.
I didn't had problems with other device (Like EdgeRouter) to get the DHCP client working fine.
Seen for example on : Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.5(3)M6a, RELEASE SOFTWARE (fc2)
Any idea of what what can be ? Looks like a bug ?
Thanks