Solved: Re: Interface not accepting DHCP address

Adam_S · ‎07-27-2023

Have configured an interface on cisco 2811 for DHCP, it is up/up but not accepting an address. I've attached a basic config and DHCP debug. Any advice would be appreciated, any further info can be provided.

Peter Paluch · ‎07-28-2023

Hello Adam,

Configuration register is 0x2402

... et voilà! Here is the culprit!

https://www.cisco.com/c/en/us/support/docs/routers/10000-series-routers/50421-config-register-use.html#toc-hId--612512991

Your configuration register value translates to these meanings:

- Boots default ROM software if network boot fails (0x2000)
- IP broadcast with all zeros (0x0400)
- Traditional default netboot filename (0x0002)

The correct default setting of your configuration register should be

0x2102

Once you get the chance, please change it and reload the router:

configure terminal
config-register 0x2102
end
copy run start
reload

I have also reviewed your configuration, and you have a few additional problems there that are unrelated to this issue but that would come back and bite you later.

1) You have Cisco Express Forwarding (CEF) disabled. This will decrease the throughput your router can provide, and increases the CPU load when routing packets. Please enable CEF by

configure terminal
ip cef
end

2) Your NAT configuration is partially wrong, partially incomplete.

What's incomplete: Your interface Vlan25 is marked as inside which is okay, but you don't have an interface marked as outside. This is a must without exceptions. Based on your configuration, I assume that it is

FastEthernet0/0

that should be marked as outside.

What's wrong: You have used the

ip nat source list NAT interface FastEthernet0/0 overload

command to specify how the packets should be translated. However, you missed the inside keyword from this command. Without the inside keyword, this command refers to another method and style of NAT configuration we call the NVI style, and that requires different configuration of the interfaces as well

ip nat enable instead of ip nat inside/outside

With your current configuration, the NAT would not work at all.

To fix both issues, configure:

configure terminal
no ip nat source list NAT interface FastEthernet0/0 overload
ip nat inside source list NAT interface FastEthernet0/0 overload
interface FastEthernet0/0
ip nat outside
end

3) Your

default route

is statically configured out the

Fa0/0

interface without a next hop. Pointing a static route out a multi-access interface such as Ethernet without a next hop address is a strong, resounding no. It causes an excessive ARP traffic and an excessively large ARP cache, and is completely dependent on your upstream router having Proxy ARP enabled (it is because such route causes the entire internet to be considered as directly connected on your

Fa0/0

and hence ARP-able). We already saw situations where, through this configuration, the ARP cache grew so large that it caused the router to exhaust all memory and crash - only to exhaust it again, ending in neverending repeated crashes.

I understand you configured it this way because with DHCP, you cannot assume to know the next hop address in advance. However, you do not need to configure any static

default route

if you are using DHCP. If the DHCP assigns you a

default route

it will be put into your routing table automatically without any additional configuration (with an AD of 254). If you still want to configure it statically because you want to give it a better AD, you can do it but you still need to specify the

dhcp

keyword in the static route to avoid the problems specified above.

To fix this:

configure terminal
no ip route 0.0.0.0 0.0.0.0 FastEthernet0/0

! ... and if you insist on having it configured statically because you want to lower its AD:
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0 dhcp
end

Hopefully, this all will make your router work properly.

Please feel welcome to ask further!

Best regards,
Peter

View solution in original post

Peter Paluch · ‎07-27-2023

Adam,

There don't seem to be any attachments included with your post. I wonder if they might be getting scrubbed or something. Could you try attaching them again?

Best regards,
Peter

Adam_S · ‎07-27-2023

ive reattached the file. Hopefully it takes. Below are the contents just in case:

Cisco-2811#show ip int brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 unassigned YES DHCP up up
FastEthernet0/1 192.168.1.2 YES NVRAM up up
FastEthernet0/1/0 unassigned YES unset up down
FastEthernet0/1/1 unassigned YES unset up down
FastEthernet0/1/2 unassigned YES unset up down
FastEthernet0/1/3 unassigned YES unset up down
FastEthernet0/1/4 unassigned YES unset up down
FastEthernet0/1/5 unassigned YES unset up down
FastEthernet0/1/6 unassigned YES unset up down
FastEthernet0/1/7 unassigned YES unset up down
FastEthernet0/1/8 unassigned YES unset up down
Serial0/3/0 unassigned YES NVRAM administratively down down
Vlan1 unassigned YES NVRAM administratively down down
Vlan25 192.168.25.1 YES NVRAM up down
NVI0 2.2.2.2 YES unset up up
Loopback0 2.2.2.2 YES NVRAM up up
Cisco-2811#show run int
Cisco-2811#show run interface fa
Cisco-2811#show run interface fastEthernet 0/0
Building configuration...

Current configuration : 204 bytes
!
interface FastEthernet0/0
description internet
ip address dhcp
ip broadcast-address 0.0.0.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip virtual-reassembly
duplex auto
speed auto
end

Cisco-2811#show version
Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(15)T9, RELEASE SOFTWARE (fc5)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Tue 28-Apr-09 13:09 by prod_rel_team

ROM: System Bootstrap, Version 12.4(13r)T5, RELEASE SOFTWARE (fc1)

Cisco-2811 uptime is 57 minutes
System returned to ROM by power-on
System image file is "flash:c2800nm-advipservicesk9-mz.124-15.T9.bin"


*Nov 26 05:32:14 AEDST: DHCP: QScan: Purging entry
*Nov 26 05:32:14 AEDST: DHCP: deleting entry 49241A08 0.0.0.0 from list
*Nov 26 05:32:14 AEDST: Temp IP addr: 0.0.0.0 for peer on Interface: FastEthernet0/0
*Nov 26 05:32:14 AEDST: Temp sub net mask: 0.0.0.0
*Nov 26 05:32:14 AEDST: DHCP Lease server: 0.0.0.0, state: 11 Purging
*Nov 26 05:32:14 AEDST: DHCP transaction id: EB4
*Nov 26 05:32:14 AEDST: Lease: 0 secs, Renewal: 0 secs, Rebind: 0 secs
*Nov 26 05:32:14 AEDST: No timer running
*Nov 26 05:32:14 AEDST: Retry count: 0 Client-ID: cisco-0015.633b.8ba0-Fa0/0
*Nov 26 05:32:14 AEDST: Client-ID hex dump: 636973636F2D303031352E363333622E
*Nov 26 05:32:14 AEDST: 386261302D4661302F30
*Nov 26 05:32:14 AEDST: Hostname: Cisco-2811
*Nov 26 05:32:44 AEDST: DHCP: Try 49 to acquire address for FastEthernet0/0
*Nov 26 05:32:44 AEDST: DHCP: allocate request
*Nov 26 05:32:44 AEDST: DHCP: new entry. add to queue, interface FastEthernet0/0
*Nov 26 05:32:44 AEDST: DHCP: SDiscover attempt # 1 for entry:
*Nov 26 05:32:44 AEDST: Temp IP addr: 0.0.0.0 for peer on Interface: FastEthernet0/0
*Nov 26 05:32:44 AEDST: Temp sub net mask: 0.0.0.0
*Nov 26 05:32:44 AEDST: DHCP Lease server: 0.0.0.0, state: 3 Selecting
*Nov 26 05:32:44 AEDST: DHCP transaction id: EB5
*Nov 26 05:32:44 AEDST: Lease: 0 secs, Renewal: 0 secs, Rebind: 0 secs
*Nov 26 05:32:44 AEDST: Next timer fires after: 00:00:04
*Nov 26 05:32:44 AEDST: Retry count: 1 Client-ID: cisco-0015.633b.8ba0-Fa0/0
*Nov 26 05:32:44 AEDST: Client-ID hex dump: 636973636F2D303031352E363333622E
*Nov 26 05:32:44 AEDST: 386261302D4661302F30
*Nov 26 05:32:44 AEDST: Hostname: Cisco-2811
*Nov 26 05:32:44 AEDST: DHCP: SDiscover: sending 299 byte length DHCP packet
*Nov 26 05:32:44 AEDST: DHCP: SDiscover 299 bytes
*Nov 26 05:32:44 AEDST: B'cast on FastEthernet0/0 interface from 0.0.0.0
*Nov 26 05:32:47 AEDST: DHCP: SDiscover attempt # 2 for entry:
*Nov 26 05:32:47 AEDST: Temp IP addr: 0.0.0.0 for peer on Interface: FastEthernet0/0
*Nov 26 05:32:47 AEDST: Temp sub net mask: 0.0.0.0
*Nov 26 05:32:47 AEDST: DHCP Lease server: 0.0.0.0, state: 3 Selecting
*Nov 26 05:32:47 AEDST: DHCP transaction id: EB5
*Nov 26 05:32:47 AEDST: Lease: 0 secs, Renewal: 0 secs, Rebind: 0 secs
*Nov 26 05:32:47 AEDST: Next timer fires after: 00:00:04
*Nov 26 05:32:47 AEDST: Retry count: 2 Client-ID: cisco-0015.633b.8ba0-Fa0/0
*Nov 26 05:32:47 AEDST: Client-ID hex dump: 636973636F2D303031352E363333622E
*Nov 26 05:32:47 AEDST: 386261302D4661302F30
*Nov 26 05:32:47 AEDST: Hostname: Cisco-2811
*Nov 26 05:32:47 AEDST: DHCP: SDiscover: sending 299 byte length DHCP packet
*Nov 26 05:32:47 AEDST: DHCP: SDiscover 299 bytes
*Nov 26 05:32:47 AEDST: B'cast on FastEthernet0/0 interface from 0.0.0.0
*Nov 26 05:32:51 AEDST: DHCP: SDiscover attempt # 3 for entry:
*Nov 26 05:32:51 AEDST: Temp IP addr: 0.0.0.0 for peer on Interface: FastEthernet0/0
*Nov 26 05:32:51 AEDST: Temp sub net mask: 0.0.0.0
*Nov 26 05:32:51 AEDST: DHCP Lease server: 0.0.0.0, state: 3 Selecting
*Nov 26 05:32:51 AEDST: DHCP transaction id: EB5
*Nov 26 05:32:51 AEDST: Lease: 0 secs, Renewal: 0 secs, Rebind: 0 secs
*Nov 26 05:32:51 AEDST: Next timer fires after: 00:00:04
*Nov 26 05:32:51 AEDST: Retry count: 3 Client-ID: cisco-0015.633b.8ba0-Fa0/0
*Nov 26 05:32:51 AEDST: Client-ID hex dump: 636973636F2D303031352E363333622E
*Nov 26 05:32:51 AEDST: 386261302D4661302F30

Peter Paluch · ‎07-27-2023

Hi Adam,

Can you remove the

ip broadcast-address 0.0.0.0 from your Fa0/0

and try again? This is a configuration for very legacy devices that used the destination IP address of

0.0.0.0 as a broadcast

rather than

255.255.255.255

However, DHCP servers commonly listen to

255.255.255.255

this might be the reason. In fact, all you need on your

Fa0/0 is ip address dhcp  and no shutdown

no other manual configuration is required.

Best regards,
Peter

Adam_S · ‎07-27-2023

thanks for the suggestion. I removed the

 ip broadcast 0.0.0.0

command, but
as soon as it tries to broadcast for a DHCP address the router inmediately
adds the command back to the interface config.

##- Please type your reply above this line -#

Peter Paluch · ‎07-27-2023

Adam,

This is getting very weird.

I would like to ask you to share the full output of the

show version and show running-config

I am particularly interested in seeing the value of your configuration register, and some of the old-style configuration that might for some reason be lurking around (such as

no ip classless no ip routing

etc.).

The configuration register might be important because I do recall that there was one bit in it that forced the broadcast address to be either all-zeros or all-ones.

From the debugs, it's clear you are sending out DHCP Discover but never get back an Offer from the server.

Thank you!

Best regards,
Peter

Adam_S · ‎07-27-2023

Cisco-2811#show run
Building configuration...


Current configuration : 4851 bytes
!
version 12.4
service timestamps debug datetime localtime show-timezone
service timestamps log datetime localtime show-timezone
service password-encryption
!
hostname Cisco-2811
!
boot-start-marker
boot system flash:c2800nm-advipservicesk9-mz.124-15.T9.bin
boot-end-marker
!
logging buffered 4096 informational
enable secret 5 X.X.X
!
no aaa new-model
clock timezone AEST 10
clock summer-time AEDST recurring 1 Sun Oct 2:00 1 Sun Apr 2:00
dot11 syslog
!
!
no ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.25.1 192.168.25.100
!
ip dhcp pool LAN
network 192.168.25.0 255.255.255.0
dns-server 1.1.1.1
default-router 192.168.25.1
lease 24
!
!
no ip domain lookup
!
multilink bundle-name authenticated
!
!
voice-card 0
no dspfarm
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
vtp domain home
vtp mode transparent
archive
log config
hidekeys
!
!
!
!
vlan 25
name LAN
!
!
!
!
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ip broadcast-address 0.0.0.0
h323-gateway voip interface
!
interface FastEthernet0/0
description internet
ip address dhcp client-id FastEthernet0/0
ip broadcast-address 0.0.0.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.1.2 255.255.255.252
ip broadcast-address 0.0.0.0
duplex full
speed auto
!
interface FastEthernet0/1/0
switchport access vlan 25
!
interface FastEthernet0/1/1
!
interface FastEthernet0/1/2
!
interface FastEthernet0/1/3
!
interface FastEthernet0/1/4
!
interface FastEthernet0/1/5
!
interface FastEthernet0/1/6
!
interface FastEthernet0/1/7
!
interface FastEthernet0/1/8
!
interface Serial0/3/0
no ip address
ip broadcast-address 0.0.0.0
encapsulation frame-relay
shutdown
clock rate 2000000
!
interface Vlan1
no ip address
ip broadcast-address 0.0.0.0
shutdown
!
interface Vlan25
description LAN
ip address 192.168.25.1 255.255.255.0
ip broadcast-address 0.0.0.0
ip nat inside
ip virtual-reassembly
!
router ospf 100
log-adjacency-changes
network 2.2.2.2 0.0.0.0 area 0
network 192.168.1.0 0.0.0.3 area 0
network 193.168.1.0 0.0.0.3 area 0
!
no ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
!
!
no ip http server
no ip http secure-server
ip nat source list NAT interface FastEthernet0/0 overload
!
ip access-list extended NAT
permit ip 192.168.25.0 0.0.0.255 any
!
!
!
!
!
!
tftp-server flash:/c7921/APPS-1.0.4.SBN alias APPS-1.0.4.SBN
tftp-server flash:/c7921/CP7921G-1.0.4.LOADS alias CP7921G-1.0.4.LOADS
tftp-server flash:/c7921/GUI-1.0.4.SBN alias GUI-1.0.4.SBN
tftp-server flash:/c7921/SYS-1.0.4.SBN alias SYS-1.0.4.SBN
tftp-server flash:/c7921/TNUX-1.0.4.SBN alias TNUX-1.0.4.SBN
tftp-server flash:/c7921/TNUXR-1.0.4.SBN alias TNUXR-1.0.4.SBN
tftp-server flash:/c7921/WLAN-1.0.4.SBN alias WLAN-1.0.4.SBN
tftp-server flash:/c7911new/c7911/apps11.8-3-2-27.sbn alias apps11.8-3-2-27.sbn
tftp-server flash:/c7911new/c7911/cnu11.8-3-2-27.sbn alias cnu11.8-3-2-27.sbn
tftp-server flash:/c7911new/c7911/cvm11sccp.8-3-2-27.sbn alias cvm11sccp.8-3-2-27.sbn
tftp-server flash:/c7911new/c7911/dsp11.8-3-2-27.sbn alias dsp11.8-3-2-27.sbn
tftp-server flash:/c7911new/c7911/jar11sccp.8-3-2-27.sbn alias jar11sccp.8-3-2-27.sbn
tftp-server flash:/c7911new/c7911/SCCP11.8-3-3S.loads alias SCCP11.8-3-3S.loads
tftp-server flash:/c7911new/c7911/term06.default.loads alias term06.default.loads
tftp-server flash:/c7911new/c7911/term11.default.loads alias term11.default.loads
!
control-plane
!
!
!
voice-port 0/2/0
!
voice-port 0/2/1
!
ccm-manager redundant-host 10.12.0.21
ccm-manager mgcp
no ccm-manager fax protocol cisco
ccm-manager music-on-hold bind Loopback0
ccm-manager config server 10.12.0.21
ccm-manager config
!
mgcp
mgcp call-agent 10.12.0.25 2427 service-type mgcp version 0.1
mgcp rtp unreachable timeout 1000 action notify
mgcp modem passthrough voip mode nse
mgcp package-capability rtp-package
mgcp package-capability sst-package
mgcp package-capability pre-package
no mgcp package-capability res-package
no mgcp timer receive-rtcp
mgcp sdp simple
mgcp rtp payload-type g726r16 static
mgcp behavior g729-variants static-pt
!
mgcp profile default
!
!
!
dial-peer voice 999020 pots
service mgcpapp
port 0/2/0
!
dial-peer voice 999021 pots
service mgcpapp
port 0/2/1
!
dial-peer voice 999030 pots
service mgcpapp
!
dial-peer voice 1 voip
destination-pattern 10924
session target ipv4:10.255.255.255
!
!
!
!
call-manager-fallback
max-conferences 8 gain -6
transfer-system full-consult
ip source-address 10.255.255.255 port 2000
max-ephones 5
max-dn 5
!
!
line con 0
line aux 0
line vty 0 4
exec-timeout 0 0
privilege level 15
password 7 X.X.X
login
line vty 5
exec-timeout 0 0
password 7 X.X.X
login
!
scheduler allocate 20000 1000
ntp clock-period 17180114
ntp update-calendar
ntp server 216.239.35.4
sntp broadcast client
!
end

MHM Cisco World · ‎07-27-2023

Enable

dhcp

service

Try add this other config is correct

Adam_S · ‎07-27-2023

This command is not supported.

MHM Cisco World · ‎07-27-2023

Show ip interface breif 
Check vlan 25 svi is up/up
Show ip dhcp server statistics

<<- share this

Adam_S · ‎07-27-2023

Vlan 25

is a different DHCP pool. Its for the hosts connected to the 2811,
its only assigned to 1 port and there is nothing connected to it.

MHM Cisco World · ‎07-27-2023

Your post of config delete' I was see only

192.168.25.0 pool

there are other pool ? The config you share for client or

dhcp server

router?

Peter Paluch · ‎07-28-2023

Adam,

Thank you for the running-config. I am still waiting for the full output of

show version

- this one is very important as I need to see the value of the configuration register. Please attach the

show version

- full and unabbreviated - from the 2811 at your earliest convenience.

Best regards,
Peter

Adam_S · ‎07-28-2023

Cisco-2811#SHOW VERSION
Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(15)T9, RELEASE SOFTWARE (fc5)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Tue 28-Apr-09 13:09 by prod_rel_team

ROM: System Bootstrap, Version 12.4(13r)T5, RELEASE SOFTWARE (fc1)

Cisco-2811 uptime is 36 minutes
System returned to ROM by power-on
System image file is "flash:c2800nm-advipservicesk9-mz.124-15.T9.bin"

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

Cisco 2811 (revision 53.51) with 509952K/14336K bytes of memory.
Processor board ID FTX0943A0PN
11 FastEthernet interfaces
1 Serial(sync/async) interface
1 Virtual Private Network (VPN) Module
2 Voice FXS interfaces
DRAM configuration is 64 bits wide with parity enabled.
239K bytes of non-volatile configuration memory.
1965600K bytes of ATA CompactFlash (Read/Write)

Configuration register is 0x2402

Peter Paluch · ‎07-28-2023

Hello Adam,

Configuration register is 0x2402

... et voilà! Here is the culprit!

https://www.cisco.com/c/en/us/support/docs/routers/10000-series-routers/50421-config-register-use.html#toc-hId--612512991

Your configuration register value translates to these meanings:

- Boots default ROM software if network boot fails (0x2000)
- IP broadcast with all zeros (0x0400)
- Traditional default netboot filename (0x0002)

The correct default setting of your configuration register should be

0x2102

Once you get the chance, please change it and reload the router:

configure terminal
config-register 0x2102
end
copy run start
reload

I have also reviewed your configuration, and you have a few additional problems there that are unrelated to this issue but that would come back and bite you later.

1) You have Cisco Express Forwarding (CEF) disabled. This will decrease the throughput your router can provide, and increases the CPU load when routing packets. Please enable CEF by

configure terminal
ip cef
end

2) Your NAT configuration is partially wrong, partially incomplete.

What's incomplete: Your interface Vlan25 is marked as inside which is okay, but you don't have an interface marked as outside. This is a must without exceptions. Based on your configuration, I assume that it is

FastEthernet0/0

that should be marked as outside.

What's wrong: You have used the

ip nat source list NAT interface FastEthernet0/0 overload

command to specify how the packets should be translated. However, you missed the inside keyword from this command. Without the inside keyword, this command refers to another method and style of NAT configuration we call the NVI style, and that requires different configuration of the interfaces as well

ip nat enable instead of ip nat inside/outside

With your current configuration, the NAT would not work at all.

To fix both issues, configure:

configure terminal
no ip nat source list NAT interface FastEthernet0/0 overload
ip nat inside source list NAT interface FastEthernet0/0 overload
interface FastEthernet0/0
ip nat outside
end

3) Your

default route

is statically configured out the

Fa0/0

interface without a next hop. Pointing a static route out a multi-access interface such as Ethernet without a next hop address is a strong, resounding no. It causes an excessive ARP traffic and an excessively large ARP cache, and is completely dependent on your upstream router having Proxy ARP enabled (it is because such route causes the entire internet to be considered as directly connected on your

Fa0/0

and hence ARP-able). We already saw situations where, through this configuration, the ARP cache grew so large that it caused the router to exhaust all memory and crash - only to exhaust it again, ending in neverending repeated crashes.

I understand you configured it this way because with DHCP, you cannot assume to know the next hop address in advance. However, you do not need to configure any static

default route

if you are using DHCP. If the DHCP assigns you a

default route

it will be put into your routing table automatically without any additional configuration (with an AD of 254). If you still want to configure it statically because you want to give it a better AD, you can do it but you still need to specify the

dhcp

keyword in the static route to avoid the problems specified above.

To fix this:

configure terminal
no ip route 0.0.0.0 0.0.0.0 FastEthernet0/0

! ... and if you insist on having it configured statically because you want to lower its AD:
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0 dhcp
end

Hopefully, this all will make your router work properly.

Please feel welcome to ask further!

Best regards,
Peter