
DHCP Scopes on SG500

I have an SG500 switch that I'm using in L3 mode and trying to set up a few different VLANs for different things.  I'm trying to use the switch to function as a DHCP server on those VLANs and it seems to be working properly.  However, I have one VLAN that has an external DHCP server and have not configured a pool for that range.  However, clients that plug into that VLAN get a DHCP NAK from the switch when they try to pull an address (in addition to the OFFER they get from the legitimate DHCP server) and this really fouls things up.  Is there any way to prevent the switch from sending a DHCP NAK on this VLAN?  Removing the interface IP from this VLAN isn't an option as it's the way out for all the other VLANs.


Hi Christopher,

This should be included in the next release, 1.4.1. However, I would recommend that you open a ticket with the Cisco Small Business Support team, which will attach your case to this bug, and if there is any beta firmware you can also test it:

http://www.cisco.com/c/en/us/support/web/tsd-cisco-small-business-support-center-contacts.html

Regards,

Aleksandra

Any update as to when we might see 1.4.1 go live?  Six months is a long time to have the DHCP server work improperly.

jialbert
Level 1

Please see attachment to see if that can help on the case, and some routing issues and solutions are also explained.

Solution 1:

[1] change vlan 33 attached to SG500 to new vlan (vlan 34)

[2] SG500 as DHCP server for vlan 34

[3] DHCP ACL filter for vlan 33 on SG500

 

Solution 2:

[1] add a L2 switch between router & SG500

[2] use ACL to filter DHCP for vlan 33 in SG500

[3] migrate all vlan 33 from SG500 to the new L2 switch

 

Solution 3:

[1] both router and SG500 as DHCP server for vlan 33

[2] SG500 use DHCP host pool for vlan 33 to prevent any allocation

ip dhcp server
ip dhcp pool host 33
Add 192.168.33.1 /24 hardware 0000.0000.0001 // MAC of router
// this address will never be assigned since it’s already used by the router

I have noticed this same issue on our SG500-52. Though the NAKs don't seem to be affecting anything (well, maybe one embedded device on the network...), it still concerns me that the switch is doing this. And it might in the future cause issues depending on the timing of the NAKs versus the proper DHCP server's response.

I tried creating an ACL for the VLAN (and also to a port) to which the IPv4 interface causing issues is bound, blocking UDP from the switch's source IP on source port 67, dest port 68. But the ACL is not blocking the packets for some reason.

Any timeframe on when 1.4.1 will be released with the fix? Should I open a ticket?

Thanks,

-Matt
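An added example, not part of the thread and not Cisco code: one way to confirm from a packet capture which device is sending the stray NAKs is to parse each DHCP server reply and flag any whose server identifier (option 54) is not an authorized DHCP server. The addresses, client MAC and the `build_reply` helper are constructed for illustration; 192.168.33.1 is assumed to be the legitimate server and 192.168.33.254 the switch's VLAN interface.

```python
import socket
import struct

MAGIC = b"\x63\x82\x53\x63"                      # DHCP magic cookie after the 236-byte BOOTP header
REPLY_TYPES = {2: "OFFER", 5: "ACK", 6: "NAK"}   # option 53 values a server sends

def parse_reply(payload):
    """Return (type, server_id, client_mac) for a DHCP server reply, else None."""
    if len(payload) < 240 or payload[0] != 2 or payload[236:240] != MAGIC:
        return None                              # not a BOOTREPLY carrying DHCP options
    mac = ":".join(f"{b:02x}" for b in payload[28:34])   # chaddr field
    opts, i = {}, 240
    while i < len(payload) and payload[i] != 255:        # 255 = end option
        if payload[i] == 0:                      # pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(payload):
            break                                # truncated option, stop parsing
        length = payload[i + 1]
        opts[payload[i]] = payload[i + 2:i + 2 + length]
        i += 2 + length
    mtype = REPLY_TYPES.get((opts.get(53) or b"\x00")[0])
    if mtype is None:
        return None
    sid = opts.get(54, b"")                      # option 54 = server identifier
    server = socket.inet_ntoa(sid) if len(sid) == 4 else "unknown"
    return mtype, server, mac

def unexpected_replies(payloads, allowed_servers):
    """List replies whose server identifier is not an authorized DHCP server."""
    replies = filter(None, map(parse_reply, payloads))
    return [r for r in replies if r[1] not in allowed_servers]

def build_reply(mtype, server_ip, mac):
    """Build a minimal DHCP reply; used only to construct the sample data below."""
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 2, 1, 6, 0, 0x1234, 0, 0,
                         b"", b"", b"", b"", bytes.fromhex(mac.replace(":", "")), b"", b"")
    return header + MAGIC + bytes([53, 1, mtype, 54, 4]) + socket.inet_aton(server_ip) + b"\xff"

# Constructed sample: one OFFER from the authorized server, one NAK from the switch interface.
CLIENT = "00:11:22:33:44:55"
SAMPLES = [build_reply(2, "192.168.33.1", CLIENT), build_reply(6, "192.168.33.254", CLIENT)]

if __name__ == "__main__":
    for mtype, server, mac in unexpected_replies(SAMPLES, {"192.168.33.1"}):
        print(f"unexpected DHCP {mtype} from {server} to client {mac}")
```

The input to `unexpected_replies` is the UDP payload of each packet sent from port 67, as extracted from a capture taken on the affected VLAN.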

Hi Matt,

[1] An ACL has no effect on packets from the device itself.

[2] It is better to use a single DHCP server for all subnets rather than separate ones for different subnets, since the latter has more administrative overhead.

[3] Until the fix planned for the next release, an alternative solution is to create a single martian DHCP host pool (an unused host IP of the subnet that binds to a non-existent MAC in the network), which will never be assigned to any host, for the SVI subnet that has another DHCP server.

 

 

MatthewNat
Level 1

Looks like 1.4.1.03 was just released on 5/8.

I haven't flashed it to confirm if it fixes the issue or not.

-matt