03-04-2022 03:10 AM - edited 03-04-2022 04:33 AM
Hey all,
I am experiencing some issues with Port-Based Address Allocation responding with a NAK to lease time renewals from nodes. I was able to reproduce the problem on at least the following system/software combinations:
The test environment that I use consists of one of the above Cisco switches as a DHCP server. Connected to this switch there is a Linux-based node requesting its IP via DHCP.
The initial DORA procedure works correctly and gives the reserved address (200.0.0.1) for the specific switch port to the node based on the client-id, the interface name. When the node renews its lease, the DHCP server (200.0.0.250) responds with a NAK with the reason that the address is already in use. With debugging enabled on the switch I was able to see the behaviour and why the NAK is given.
The switch thinks the address is already in use because the client-id is different compared to the one that has been assigned with the IP.
- The ASCII HEX of the client-id during the initial DORA procedure is the shortname of the physical port "Twe1/0/5".
- The ASCII HEX of the client-id during the lease renewal is the shortname of the SVI VLAN interface "vl10" (vlan 10).
As long as all communication is broadcast to 255.255.255.255, it seems to assign the correct client-id; however, when the client communicates directly with the IP of the DHCP server (200.0.0.250) on interface VLAN10, the client-id changes.
I added the test DHCP configuration, debug info of the DHCP server and debug info of the DHCP client.
I hope someone is able to give me the redeeming answer to get successful lease renewals.
Kind regards,
Roy
Test switch DHCP configuration:
ip dhcp use subscriber-id client-id
ip dhcp subscriber-id interface-name
ip dhcp pool testpool
 network 200.0.0.0 255.255.255.0
 reserved-only
 address 200.0.0.1 client-id "Twe1/0/5" ascii
vlan 10
 name testvlan
interface twe1/0/5
 description testnode
 switchport access vlan 10
 switchport mode access
 ip dhcp server use subscriber-id client-id
 no shutdown
interface Vlan10
 description TestVLAN
 ip address 200.0.0.250 255.255.255.0
DHCP client logging:
dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 3 (xid=0x685fd3f1)
dhclient: DHCPOFFER from 200.0.0.250
dhclient: DHCPREQUEST on eth0 to 255.255.255.255 port 67 (xid=0x685fd3f1)
dhclient: DHCPACK from 200.0.0.250 (xid=0x685fd3f1)
dhclient: bound to 200.0.0.1 -- renewal in 25 seconds.
dhclient: DHCPREQUEST on eth0 to 200.0.0.250 port 67 (xid=0x685fd3f1)
dhclient: DHCPNAK from 200.0.0.250 (xid=0x685fd3f1)
dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 3 (xid=0x5a508934)
dhclient: DHCPOFFER from 200.0.0.250
dhclient: DHCPREQUEST on eth0 to 255.255.255.255 port 67 (xid=0x5a508934)
dhclient: DHCPACK from 200.0.0.250 (xid=0x5a508934)
dhclient: bound to 200.0.0.1 -- renewal in 24 seconds.
DHCP server debug info switch:
DHCPD: using subscriber-id as client-id
DHCPD: DHCPREQUEST received from client 0056.6c31.30.
DHCPD: DHCPREQUEST received on interface Vlan10.
DHCPD: Client either rebooted or rebinding we are seeing the client for first time
DHCPD: requested address 200.0.0.1 belongs to some other client.
DHCPD: Sending notification of ASSIGNMENT FAILURE:
DHCPD: htype 1 chaddr 5254.00a9.02ba
DHCPD: interface = Vlan10
DHCPD: Sending notification of ASSIGNMENT_FAILURE:
DHCPD: due to: ADDRESS ALREADY IN USE
DHCPD: htype 1 chaddr 5254.00a9.02ba
DHCPD: interface = Vlan10
DHCPD: Sending DHCPNAK to client 0056.6c31.30.
DHCPD: broadcasting BOOTREPLY to client 5254.00a9.02ba.
DHCPD: using subscriber-id as client-id
DHCPD: Sending notification of DISCOVER:
DHCPD: htype 1 chaddr 5254.00a9.02ba
DHCPD: circuit id 0004000a0105
DHCPD: interface = Vlan10
DHCPD: DHCPDISCOVER received from client 0054.7765.312f.302f.35 on interface Vlan10.
DHCPD: Sending notification of DISCOVER:
DHCPD: htype 1 chaddr 5254.00a9.02ba
DHCPD: circuit id 0004000a0105
DHCPD: interface = Vlan10
DHCPD: Found previous server binding
DHCPD: Sending DHCPOFFER to client 0054.7765.312f.302f.35 (200.0.0.1).
DHCPD: Setting only requested parameters
DHCPD: child pool: 200.0.0.0 / 255.255.255.0 (testpool)
DHCPD: pool testpool has no parent.
DHCPD: ARP entry exists (200.0.0.1, 5254.00a9.02ba).
DHCPD: egress Interfce Vlan10
etc.... ... ...
DHCPD: Sending DHCPACK to client 0054.7765.312f.302f.35 (200.0.0.1).
DHCPD: Setting only requested parameters
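
An added example (not part of the original post, and not Cisco tooling): a Python script that decodes the dotted-hex client identifiers in the switch debug output to ASCII and groups them by chaddr, so the change from "Twe1/0/5" to "Vl10" for the same client MAC is visible. The function names are hypothetical, the sample lines are a constructed subset of the debug output above, and treating the first octet as the option 61 type byte is an assumption.

```python
import re

# Constructed sample: a subset of the DHCPD debug lines quoted in the post.
SAMPLE = """\
DHCPD: DHCPREQUEST received from client 0056.6c31.30.
DHCPD: htype 1 chaddr 5254.00a9.02ba
DHCPD: Sending DHCPNAK to client 0056.6c31.30.
DHCPD: DHCPDISCOVER received from client 0054.7765.312f.302f.35 on interface Vlan10.
DHCPD: htype 1 chaddr 5254.00a9.02ba
DHCPD: Sending DHCPACK to client 0054.7765.312f.302f.35 (200.0.0.1).
"""

CLIENT_RE = re.compile(r"DHCPD: (DHCP\w+) received from client ([0-9a-f.]+)")
CHADDR_RE = re.compile(r"chaddr ([0-9a-f.]+)")

def decode_client_id(dotted):
    """Turn dotted hex (e.g. 0056.6c31.30) into (type octet, ASCII payload).
    Assumption: the first octet is the option 61 type byte (0 = not a MAC)."""
    raw = bytes.fromhex(dotted.replace(".", ""))
    return raw[0], raw[1:].decode("ascii", errors="replace")

def client_ids_by_chaddr(log):
    """Map each chaddr to the (message type, client-id) pairs seen for it.
    A 'received from client' line is paired with the next chaddr line."""
    seen, pending = {}, None
    for line in log.splitlines():
        m = CLIENT_RE.search(line)
        if m:
            pending = (m.group(1), decode_client_id(m.group(2))[1])
            continue
        m = CHADDR_RE.search(line)
        if m and pending:
            ids = seen.setdefault(m.group(1), [])
            if pending not in ids:
                ids.append(pending)
            pending = None
    return seen

def changed_ids(log):
    """Return only the chaddrs that presented more than one client-id."""
    return {mac: ids for mac, ids in client_ids_by_chaddr(log).items()
            if len({cid for _, cid in ids}) > 1}

if __name__ == "__main__":
    for mac, ids in changed_ids(SAMPLE).items():
        print(mac, "->", ", ".join(f"{msg}: {cid!r}" for msg, cid in ids))
```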