Gateway IP address looping

prince.p
Level 1

Hi Friend,

 

We are using a Cisco 2900 series router and 2 Cisco 2960 series switches.

We have created switch port trunk allowed and switch port mode trunk on ports GI 0/17, 19 and 21.

The default gateway is 10.1.0.10.

We have enabled the DHCP server in the Sonicwall firewall and assign the IP address with MAC ID in the Sonicwall firewall.

When we connect a D-Link router, whose IP address is 10.1.0.99, to switch port GI 0/17, the default gateway changes from 10.1.0.10 to 10.1.0.99 on some of the PCs, and gateway looping occurs in the network.

Can anyone help me to trace this problem?

Accepted Solutions

pigallo
Cisco Employee

Probably the D-Link router has DHCP service enabled as well and sets its own IP address as the default gateway for the LAN. So when some of the hosts ask for an IP address and the D-Link is faster to answer, those hosts set their gateway to the D-Link's IP address.
Actually this is not a loop; it is a blackhole/traffic redirect, which may potentially cause a severe security issue in your network if used maliciously. You could disable DHCP on the D-Link device or enable DHCP snooping on the switch to avoid such issues.

Thanks for your update.

Can you please help me to configure DHCP snooping on the Cisco 2960 series switch?

I think you are better off trying to figure out what is dishing out DHCP addresses incorrectly than trying to somehow patch it with snooping. Set up Wireshark, capture the DHCP traffic and see where the lease is given from (what MAC address), so you can turn it off. This is a more controllable way.

Please remember to rate useful posts, by clicking on the stars below.


@Dennis Mink wrote:

I think you are better off trying to figure out what is dishing out DHCP addresses incorrectly than trying to somehow patch it with snooping. Set up Wireshark, capture the DHCP traffic and see where the lease is given from (what MAC address), so you can turn it off. This is a more controllable way.


Technically the patch is what you are suggesting here, not DHCP snooping.
DHCP snooping allows you to manage such issues from a centralized point without any more worries about devices that could also mistakenly be connected to your access layer.
Without any more worry about setting up Wireshark sessions every time that someone connects a device to your network.
With snooping you can manage the security of your device along with additional features like DAI or source guard, which leverage the snooping database to support their services.

Hi Pigallo,
Thanks for your update. Now I understand what DHCP snooping is.
I have some doubts about configuring DHCP snooping.
We have connected the Sonicwall LAN interface to Cisco switch port GI0/48. So do we want to configure DHCP snooping on GI0/48, or do I need to do it on any other port?
We have configured three VLANs and configured switch port trunk allowed vlan on ports 17, 19, 21 and 48. On ports 17, 19 and 21 we have connected wireless access points. So shall I assign IP DHCP snooping to VLANs 1, 2, 3 or to ports 17, 19, 21 and 48?
Can you please help?
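
The following is an added example, not part of the original thread or any participant's reply: a DHCP snooping configuration for the layout described above. It uses the VLAN IDs 1-3 and the SonicWall port Gi0/48 mentioned in the posts, and assumes the SonicWall is the only legitimate DHCP server.

```cisco
! Added example. VLANs 1-3 and Gi0/48 (SonicWall) come from the thread.
! Assumption: the SonicWall on Gi0/48 is the only legitimate DHCP server.
configure terminal
 ! Snooping must be enabled globally AND per VLAN; it is not applied per port.
 ip dhcp snooping
 ip dhcp snooping vlan 1-3
 !
 ! The switch inserts DHCP option 82 into client requests by default, and
 ! some DHCP servers discard such requests. Assumption: option 82 is not
 ! used in this network, so insertion is turned off.
 no ip dhcp snooping information option
 !
 ! Trust only the port that faces the legitimate DHCP server.
 interface GigabitEthernet0/48
  ip dhcp snooping trust
 !
 ! Gi0/17, Gi0/19 and Gi0/21 (access points) need no command: every port is
 ! untrusted by default, so DHCP server replies (OFFER/ACK) arriving on them
 ! are dropped before they reach any client.
 end
!
! Verify which VLANs are enabled, which ports are trusted, and the bindings
! learned from clients that obtained a lease through the trusted port.
show ip dhcp snooping
show ip dhcp snooping binding
```

The thread does not say how the second 2960 is connected; if it reaches the SonicWall through an uplink to this switch, it needs the same global and VLAN commands with `ip dhcp snooping trust` on that uplink only.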


