cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

CISCO SWITCHES FOR SMALL and MEDIUM BUSINESS

Introducing the next generation of Cisco Small and Medium Business Switches. Cisco is refreshing its SMB Switch portfolio. Click here  to learn more.


2040
Views
25
Helpful
39
Replies
Highlighted

Firmware 1.4.0.88 for SG300-52 appears to break DHCP Relay

My VLANs terminate at my switches, so I use DHCP relay with Option82 to hand out addresses for the VLAN subnet. After upgrading from 1.3.7.18 to 1.4.0.88, DHCP isn't being handed out on my VLANs. Anyone else having this problem?

2 ACCEPTED SOLUTIONS

Accepted Solutions
Highlighted
Beginner

I'm just setting up DHCP

I'm just setting up DHCP relay for the first time with my SG 300-28, firmware 1.4.0.88 and noticed that the DHCPDISCOVER promulgated by the relay had the same source and destination port (67), whereas the original DHCPDISCOVER used 67 & 68. Furthermore the 1.3.7.18 firmware doesn't swap these around:

Snippets from Wireshark:

1.4.088 -

Original DHCPDISCOVER from client:

User Datagram Protocol, Src Port: bootpc (68), Dst Port: bootps (67)

Relayed DHCPDISCOVER from SG300:

User Datagram Protocol, Src Port: bootps (67), Dst Port: bootps (67)

 

That looks a little suspicious to me

 

1.3.7.18

Original DHCPDISCOVER from client:

User Datagram Protocol, Src Port: bootpc (68), Dst Port: bootps (67)

Relayed DHCPDISCOVER from SG300:

User Datagram Protocol, Src Port: bootpc (68), Dst Port: bootps (67)

 

I'm not certain that that's your issue (it didn't fix my problem), but thought I'd point it out

 

 

View solution in original post

Highlighted
Beginner

You can find tcam utilisation

You can find tcam utilisation mix in GUI :

"Administration - Routing resources"

or in CLI

#Conf T

#System router resources ip xxx

 

In new firmware Default value is 128, so a maximum of 128 IPv4 routed. I dont remember to see this parameters in firmware 1.0.0, i belive that in prior firmware the switch use IPv4 TCAM until he had ressource left.

 

You have maximum 466 tcam ressources in SG300, you have to find right balance between max IPv4 routed hosts and route/interface/qos/ACL utilisation. My case i've chose to raise it to 384 (256 today because actualy I can't reboot switch in production environement) and let 82 TCAM ressource for non ip rules.

 

I hope it help.

View solution in original post

39 REPLIES 39
Highlighted
Beginner

Hi, Boot code need to be

Hi,

 

Boot code need to be upgraded for version  1.4.0.88.Kindly disable the DHCP realy and enable it again.

Kindly check in below URL :  Release notes(Check page no:13)

 

http://www.cisco.com/c/dam/en/us/td/docs/switches/lan/csbms/sf30x_sg30x/release_notes/R_1_4_RN.pdf

 

regards

Moorthy

 

Highlighted

Yes, the boot code was

Yes, the boot code was upgraded at the same time the switch firmware was.

I tried:

1. Disable DHCP relay

2. Save

3. Reboot

4. Enable DHCP relay

5. Save

6. Reboot

 

And it still does not appear to work...

Highlighted
Cisco Employee

Hi Jonathan,I would recommend

Hi Jonathan,

I would recommend you to double check the configuration file. If the DHCP relay is actually present under correct interfaces and if so then another step would be packet capture on this interface to see if the bootp packets are leaving switch.

Regards,

Aleksandra

Highlighted

Right now the switch is

Right now the switch is running 1.3.7, but:

ip dhcp relay address 192.168.127.129
ip dhcp relay enable
ip dhcp information option

 

 

I did pcaps while running 1.4, they show the bootp packets leaving the switch but not entering. It's fairly trivial to reproduce this bug with an SG300 because it has dual firmware. Set to 1.3 as the active image, it works, set to 1.4, it doesn't work. You can flip back and forth between them without changing the config to reproduce the problem.
Highlighted
Cisco Employee

Hi Jonathan,r u running any

Hi Jonathan,

r u running any type of voice vlan? can you email me your config file via private message?

Aleksandra

Highlighted

No Auto Voice VLAN.  config

No Auto Voice VLAN. 

 

config sent in pm.

Highlighted
Cisco Employee

You have to do it from your

You have to do it from your profile, it has change :-)

Highlighted
Cisco Employee

Hi Jonathan,I have done the

Hi Jonathan,

I have done the test with your configuration file as below:

port gi51 - Windows server 2008

port 1- phone SPA504G

show mac address-table indicates that server is in VLAN 1 while phone in VLAN 124.

I kept bootcode 1.3.5.06 and swap images 1.4.0.88 or 1.3.7.18

 

Results:

DHCP realy works as expected with both images. I cannot see any problem unless I choose wrong port for server as only 50 and 51 are ip dhcp snooping trusted in your configuration.

 

 Regards,

Aleksandra

Nuts. I have 4 switches with

Nuts. I have 4 switches with nearly the exact same configuration and this issue is reproducible on every single one of them.

 

Is your sg300 in L3 mode and is the DHCP server set to hand out the sg300 as the default gateway to anyone requesting something from vlan 124? 

Highlighted
Cisco Employee

Hi Jonathan,I have your

Hi Jonathan,

I have your configuration added manually via CLI. Plugged in DHCP server to port 51 with IP 192.168.127.129/24 and DHCP pool 192.168.124.0/24 which is your VLAN 124 where all the ports are from 1-48. Packet capture shows DHCP Discovery unicast with scr IP 192.168.124.62 dst 192.168.127.129 and DHCP Offer with Client IP 192.168.124.1 and option 3 (router) 192.168.124.62.

all works with no changes in your configuration. To be precise I did not only copy you password settings.

Is your bootcode the same as mine?

Is your server connected to port gi51 or 52?

Aleksandra

 

Highlighted

Just checked... bootcode is 1

Just checked... bootcode is 1.3.5.06, uplink is 51

 

Any other ideas? Could I try your config on mine?

 

Highlighted

Not that I think it'll make a

Not that I think it'll make a difference, but DHCP hands out IP 192.168.124.0/26  with the lowest 192.168.124.1 reserved, and the highest:192.168.124.62 reserved (because that's the sg300's gateway address on VLAN 124)

Highlighted

wait how do I send you a

wait how do I send you a private message? I clicked on your name and I don't see the option anywhere

Highlighted
Beginner

I'm just setting up DHCP

I'm just setting up DHCP relay for the first time with my SG 300-28, firmware 1.4.0.88 and noticed that the DHCPDISCOVER promulgated by the relay had the same source and destination port (67), whereas the original DHCPDISCOVER used 67 & 68. Furthermore the 1.3.7.18 firmware doesn't swap these around:

Snippets from Wireshark:

1.4.088 -

Original DHCPDISCOVER from client:

User Datagram Protocol, Src Port: bootpc (68), Dst Port: bootps (67)

Relayed DHCPDISCOVER from SG300:

User Datagram Protocol, Src Port: bootps (67), Dst Port: bootps (67)

 

That looks a little suspicious to me

 

1.3.7.18

Original DHCPDISCOVER from client:

User Datagram Protocol, Src Port: bootpc (68), Dst Port: bootps (67)

Relayed DHCPDISCOVER from SG300:

User Datagram Protocol, Src Port: bootpc (68), Dst Port: bootps (67)

 

I'm not certain that that's your issue (it didn't fix my problem), but thought I'd point it out

 

 

View solution in original post