Buy or Renew
Buy or Renew
Register Here! - Join us 11/13 for the "Navigating DHCP Processes in SD-Access Network" Community Live event
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
424
Views
0
Helpful
3
Replies

Need global command for helper address on edge switches?

Go to solution
JustTakeTheFirstStep
Level 4
Level 4

‎03-09-2025 07:25 PM - edited ‎03-09-2025 07:38 PM

 

 

interface Vlan1400
 description Configured from Catalyst Center
 mac-address 0000.0c9f.f253
 vrf forwarding VN1
 ip address 192.168.0.1 255.255.252.0
 ip helper-address 172.16.100.101
 ip helper-address 172.16.100.102
 no ip redirects
 ip route-cache same-interface
 no lisp mobility liveness test
 lisp mobility 192_168_0_0-VN1

 

 

DNAC version 2.3.7.7-70047

I used Lan-automation on the EDGE switch.
The EDGE switch interface is missing the global option for helper-address.
The PC does not get an IP assignment.

IP binding fails when helper-address is 172.16.100.1
IP binding succeeded with helper-address global 172.16.100.1

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
JustTakeTheFirstStep
Level 4
Level 4
In response to Andrii Oliinyk

‎03-10-2025 03:07 AM

https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/tech_notes/sda_dhcp/b_cisco_sda_dhcp.html

interface Vlan3000
 description Configured from apic-em
 mac-address 0000.0c9f.fc17
 vrf forwarding VRF1
 ip address 192.168.101.1 255.255.255.0
 ip helper-address 192.168.103.2 --> Note that the "global" keyword has been removed. DHCP discovery goes through the overlay.

The DHCP server is not on the same subnet.
According to the guide, DNAC no longer uses the global option for helper-address.
We allowed ports 67,68 on the firewall and everything was solved.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Andrii Oliinyk
VIP
VIP

‎03-09-2025 11:42 PM

it's bc 172.16.100.1 is in different VRF. CatC Design/NetworkSettings for DHCP servers per IP-pool doesnt support manipulation with this flag. 

0 Helpful

Go to solution
JustTakeTheFirstStep
Level 4
Level 4
In response to Andrii Oliinyk

‎03-10-2025 03:07 AM

https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/tech_notes/sda_dhcp/b_cisco_sda_dhcp.html

interface Vlan3000
 description Configured from apic-em
 mac-address 0000.0c9f.fc17
 vrf forwarding VRF1
 ip address 192.168.101.1 255.255.255.0
 ip helper-address 192.168.103.2 --> Note that the "global" keyword has been removed. DHCP discovery goes through the overlay.

The DHCP server is not on the same subnet.
According to the guide, DNAC no longer uses the global option for helper-address.
We allowed ports 67,68 on the firewall and everything was solved.

0 Helpful

Go to solution
Andrii Oliinyk
VIP
VIP
In response to JustTakeTheFirstStep

‎03-10-2025 03:21 AM

it's not about subnet but about VRF space. CatC configures helpers under IP-pool w/o any extra stuff like using GRT(INFRA_VN) for DHCP-exchange. Thus to have your DHCP-servers in different VRF & still use it for overlay IP-pools u have enable communications between that VRFs somewhere. Implementing it with FWs in some "central" locations is one of the approaches.

0 Helpful
Customers Also Viewed These Support Documents