Solved: Re:Have problem with Dhcp function on SG300 / 500 ?

SIRIPHAN SONMANEE · ‎08-16-2013

Have problem with Dhcp function on SG300 / 500 ? now i can use dhcp server on both model but have a problem.

my problem is when i create

vlan 1 : 192.168.0.1/24 dhcp pool 192.168.0.10-250

vlan 10 : 192.168.10.1/24 dhcp pool 192.168.10.10-250

case 1

i plug pc to vlan 1 i can get ip 192.168.0.11. But when i change this pc to a new port in vlan 2 i still get same ip address. why i can not get ip from vlan2.

case 1

i plug pc to vlan 2 i can get ip 192.168.10.11. But when i change this pc to a new port in vlan 1 i still get same ip address. why i can not get ip from vlan1.

but when i access to the switch and clear binding after that i will get correct IP.

i think this is bug from this firmware. Could you help this case.

patrick.hurley · ‎09-28-2013

This is a known bug which Cisco is fixing

Sent from Cisco Technical Support iPad App

View solution in original post

Tom Watts · ‎08-16-2013

Hi siriphan, can you post your config file?

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

SIRIPHAN SONMANEE · ‎09-20-2013

[BEGIN] 8/14/2013 10:05:23 PM

config-file-header

THR-CSW1

v1.3.0.62 / R750_NIK_1_3_647_260

CLI v1.0

set system mode router

file SSD indicator encrypted

@

ssd-control-start

ssd config

ssd file passphrase control unrestricted

no ssd file integrity control

ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0

!

vlan database

vlan 2-6,10

exit

voice vlan oui-table add 0001e3 Siemens_AG_phone________

voice vlan oui-table add 00036b Cisco_phone_____________

voice vlan oui-table add 00096e Avaya___________________

voice vlan oui-table add 000fe2 H3C_Aolynk______________

voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone

voice vlan oui-table add 00d01e Pingtel_phone___________

voice vlan oui-table add 00e075 Polycom/Veritel_phone___

voice vlan oui-table add 00e0bb 3Com_phone______________

ip dhcp server

ip dhcp excluded-address 172.16.10.1 172.16.10.10

ip dhcp excluded-address 172.16.10.251 172.16.10.254

ip dhcp excluded-address 172.16.20.1 172.16.20.10

ip dhcp excluded-address 172.16.20.251 172.16.20.254

ip dhcp excluded-address 172.16.30.1 172.16.30.10

ip dhcp excluded-address 172.16.30.251 172.16.30.254

ip dhcp excluded-address 172.16.40.1 172.16.40.10

ip dhcp excluded-address 172.16.40.251 172.16.40.254

ip dhcp excluded-address 172.16.50.1 172.16.50.10

ip dhcp excluded-address 172.16.50.251 172.16.50.254

ip dhcp excluded-address 172.16.99.1 172.16.99.20

ip dhcp excluded-address 192.168.0.1 192.168.0.20

ip dhcp excluded-address 192.168.0.251 192.168.0.254

ip dhcp pool network Civil

address low 172.16.50.1 high 172.16.50.254 255.255.255.0

lease infinite

default-router 172.16.50.1

dns-server 172.16.50.10 203.113.24.199 203.113.127.199

exit

ip dhcp pool network Consult

address low 172.16.20.1 high 172.16.20.250 255.255.255.0

lease infinite

default-router 172.16.20.1

dns-server 172.16.50.10 203.113.24.199 203.113.127.199

exit

ip dhcp pool network Customer

address low 172.16.10.1 high 172.16.10.250 255.255.255.0

lease infinite

default-router 172.16.10.1

dns-server 172.16.50.10 203.113.24.199 203.113.127.199

exit

ip dhcp pool network MgMT

address low 172.16.99.1 high 172.16.99.254 255.255.255.0

lease infinite

default-router 172.16.99.1

dns-server 172.16.50.10 203.113.24.199 203.113.127.199

exit

ip dhcp pool network Thaiouihoma

address low 192.168.0.1 high 192.168.0.250 255.255.255.0

lease infinite

default-router 192.168.0.1

dns-server 172.16.50.10 203.113.24.199 203.113.127.199

exit

ip dhcp pool network Wifi-Guest

address low 172.16.40.1 high 172.16.40.250 255.255.255.0

lease infinite

default-router 172.16.40.1

dns-server 203.113.24.199 203.113.127.199

exit

ip dhcp pool network Wifi-Thaiouihoma

address low 172.16.30.1 high 172.16.30.250 255.255.255.0

lease infinite

default-router 172.16.30.1

dns-server 172.16.50.10 203.113.24.199 203.113.127.199

exit

bonjour interface range vlan 1

ip access-list extended Block-Guest

deny ip any 172.16.10.0 0.0.0.255

deny ip any 172.16.20.0 0.0.0.255

deny ip any 172.16.40.0 0.0.0.255

permit ip any any

exit

hostname THR-CSW1

username admin password encrypted d1a523896bf0c6c032a0e9bb1e9e9c425afe301b privilege 15

snmp-server location Rayong

snmp-server contact ITsolutions

ip telnet server

!

interface vlan 1

ip address 172.16.99.1 255.255.255.0

no ip address dhcp

!

interface vlan 2

name Civil

ip address 172.16.50.1 255.255.255.0

!

interface vlan 3

name Customer

ip address 172.16.10.1 255.255.255.0

!

interface vlan 4

name Consult

ip address 172.16.20.1 255.255.255.0

!

interface vlan 5

name Wifi-Thaiouihoma

ip address 172.16.30.1 255.255.255.0

!

interface vlan 6

name Wifi-Guest

ip address 172.16.40.1 255.255.255.0

!

interface vlan 10

name Thaiouihoma

ip address 192.168.0.1 255.255.255.0

!

interface gigabitethernet1

description Connect->Teaming-NIC-HP-Server

channel-group 1 mode on

service-acl input Block-Guest

switchport mode access

!

interface gigabitethernet2

description Connect->Teaming-NIC-HP-Server

channel-group 1 mode on

service-acl input Block-Guest

switchport mode access

!

interface gigabitethernet3

description Connect->IBM-Server

service-acl input Block-Guest

switchport mode access

switchport access vlan 2

!

interface gigabitethernet4

description Link->AP1

switchport trunk allowed vlan add 2-6,10

!

interface gigabitethernet5

description Connect->SG200

switchport trunk allowed vlan add 2-6,10

!

interface gigabitethernet6

description Coonect->IBM-Server

service-acl input Block-Guest

switchport mode access

switchport access vlan 10

!

interface gigabitethernet7

service-acl input Block-Guest

switchport mode access

switchport access vlan 10

!

interface gigabitethernet8

service-acl input Block-Guest

switchport mode access

switchport access vlan 10

!

interface gigabitethernet9

service-acl input Block-Guest

switchport mode access

switchport access vlan 10

!

interface gigabitethernet10

service-acl input Block-Guest

switchport mode access

switchport access vlan 10

!

interface gigabitethernet11

service-acl input Block-Guest

switchport mode access

switchport access vlan 10

!

interface gigabitethernet12

service-acl input Block-Guest

switchport mode access

switchport access vlan 10

!

interface gigabitethernet13

description Connect->Teaming-NIC-HP-Server

channel-group 1 mode on

service-acl input Block-Guest

switchport mode access

!

interface gigabitethernet14

description Connect->Teaming-NIC-HP-Server

channel-group 1 mode on

service-acl input Block-Guest

switchport mode access

!

interface gigabitethernet15

description Connect->IBM-Server

service-acl input Block-Guest

switchport mode access

switchport access vlan 2

!

interface gigabitethernet16

description Link->AP2

switchport trunk allowed vlan add 2-6,10

!

interface gigabitethernet17

description Connect->SG200

switchport trunk allowed vlan add 2-6,10

!

interface gigabitethernet18

service-acl input Block-Guest

switchport mode access

switchport access vlan 2

!

interface gigabitethernet19

service-acl input Block-Guest

switchport mode access

switchport access vlan 2

!

interface gigabitethernet20

service-acl input Block-Guest

switchport mode access

switchport access vlan 2

!

interface gigabitethernet21

service-acl input Block-Guest

switchport mode access

switchport access vlan 2

!

interface gigabitethernet22

service-acl input Block-Guest

switchport mode access

switchport access vlan 2

!

interface gigabitethernet23

service-acl input Block-Guest

switchport mode access

switchport access vlan 2

!

interface gigabitethernet24

service-acl input Block-Guest

switchport mode access

switchport access vlan 2

!

interface gigabitethernet25

switchport mode access

!

interface gigabitethernet28

description Link->Router

switchport mode access

!

interface Port-channel1

description Connect->Server-HP

switchport mode access

switchport access vlan 10

!

exit

ip default-gateway 172.16.99.254

THR-CSW1#

it very simple config

if i connect port with pc it can get ip address but when i move that pc to another vlan i still get the same ip so i move the other vlan. i still remember old ip address. i must access to switch and delete arp and ip binding from web interface.

Many thank for kindly support.

Tom Watts · ‎09-21-2013

This is pretty normal behavior. You can lower the arp time out. Otherwise you'd need to wait for the current arp to expire.

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

SIRIPHAN SONMANEE · ‎09-21-2013

I think it not normal because I use another vlan but I got ip address from the past port. It different.

Sent from Cisco Technical Support Android App

Tom Watts · ‎09-21-2013

No it's not different. A vlan is a layer 2 function and IP is layer 3 function. When your ARP expires you will get the expected IP address.

The solution is lower your ARP time out or let your old ARP expire.

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

viningele · ‎09-21-2013

Apparently the arp and dhcp lease/binding tables are global or common to all vlans and dhcp pools so when you unplug from one port/vlan your mac is still in a table associated to that particuler address and then when you unplug and then plug into another port that's assigned to another vlan/dhcp pool and your pc issues a dhcp request but your still in the table and the switch erronoiusly assumes your bound to the last IP because you're still listed in those tables so that's what you get, the same IP despite the fact you're in a completely different vlan possibly with a different dhcp pool.

Normally a host doesn't dynamically or manually change vlans like you're doing with your pc as you set up and test your network so normally this is a non issue and that's why it's not considered a bug. However I have written programs in the past that do programmatically change a port's access vlan in order to join a particular vlans video multicast group so I do think this is indeed a bug that should be fix even though in most situations its just an annoyance while testing.

patrick.hurley · ‎09-28-2013

This is a known bug which Cisco is fixing

Sent from Cisco Technical Support iPad App

SIRIPHAN SONMANEE · ‎12-09-2013

yes now this problem was solve from the lastest firmware.