11-02-2017 06:36 AM - edited 03-05-2019 09:25 AM
ISRs can accept DHCP mask 255.255.255.255 on loopback interfaces and on dialer interfaces (PPP/PPPoE). However on interfaces configured as static IP or DHCP client, the IP with mask 255.255.255.255 is not accepted. debug dhcp detail shows the following:
Nov 2 11:58:43.704: DHCP: SDiscover: sending 311 byte length DHCP packet Nov 2 11:58:43.704: DHCP: SDiscover 311 bytes Nov 2 11:58:43.705: B'cast on GigabitEthernet0/0/0.101 interface from 0.0.0.0 Nov 2 11:58:43.707: DHCP: Received a BOOTREP pkt Nov 2 11:58:43.707: DHCP: Scan: Message type: DHCP Offer Nov 2 11:58:43.707: DHCP: Scan: Server ID Option: 10.120.34.1 = A782201 Nov 2 11:58:43.707: DHCP: Scan: Lease Time: 108000 Nov 2 11:58:43.707: DHCP: Scan: Renewal time: 54000 Nov 2 11:58:43.707: DHCP: Scan: Rebind time: 94500 Nov 2 11:58:43.707: DHCP: Scan: Router Option: 10.120.34.1 Nov 2 11:58:43.707: DHCP: Scan: bad Subnet mask Option 255.255.255.255 Nov 2 11:58:43.707: DHCP: Error in pkt. punting Nov 2 11:58:47.702: DHCP: SDiscover attempt # 3 for entry:
Is there a way to configure the ISR in a way that it will accept a mask 255.255.255.255 from DHCP? As it can work with such mask on PPP interface, it should probably not have too many difficulties with that mask on other interfaces. Linux and Windows machines happily accept mask 255.255.255.255 and a gateway outside of the own subnet when a mask 255.255.255.255 is used.
Is the only way to make it work, use of another Linux or similar gateway in front of Cisco?
11-02-2017 02:38 PM
Perhaps we could give better advice if we understood better what you are attempting to accomplish. Why would you want a Gig Ethernet interface (or subinterface) to have a mask of 255.255.255.255? This mask indicates that there are no other devices in the network connected to the interface. For loopback interfaces or dialer interfaces which are virtual interfaces it may make sense to have no connected device on that interface. But for Gig Ethernet why would you configure it to have no other connected devices on that interface?
HTH
Rick
11-02-2017 04:25 PM - edited 11-02-2017 04:30 PM
There are two main cases where DHCP server sends mask 255.255.255.255 to the clients.
1.
One is a network access protection. This achieves that clients on the same physical or WiFi network cannot talk directly but have to pass through the router/firewall which adds security.
2.
Another one is when the provider is saving IP addresses when giving them out to the clients. Mostly this happens when the ISR Ethernet interface is used as a point-to-point link to a DOCSIS/LTE or similar modem where the modem only forwards packets to a gateway and no other devices can receive them. Instead of giving /30 or similar to the clients, /32 is given out the same way as usually on PPP/PPPoE link.
In both cases an ISR cannot be connected to such a network. I have the trouble with the second case where a backup ISP with DOCSIS 3.1 modem gives out IPv4 addresses with DHCP using mask 255.255.255.255 and ISR cannot get connected on IPv4.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide