I have a situation where a specific unit on my network is booting using BOOTP.
The unit is connected to a stack of two Cat3750X switches running IOS 12.2(55)SE1. The server and client are on the same VLAN on the same physical switch, so it is purely L2 between the server and client. The BOOTP server is a computer running a specific software connected to the switch. There is no DHCP server on the switch. IP-helper is not configured on the switch.
If I do a monitor-session on the client port I can see the BOOTP request packet enter the switch, however this packet is never flooded out of any ports in the switch, so the BOOTP server never receives the request. I have tested the server and client in a cheap dumb switch and there it is working just fine. Regular DHCP requests are flooded correctly.
It appears that there is something in the client's BOOTP request that is not correct, since the Cisco switch apparently discards the packet.
Are there any BOOTP gurus who can have a look at the attached (Wireshark) BOOTP client request and perhaps determine if it is in fact malformed? Or perhaps just have an idea as to why the switch is not flooding the packet. Anyone know the meaning of the BOOTP broadcast flag in a client boot request?
Thank you in advance
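An added example, not part of the original post: one way to check a captured BOOTP client request for header anomalies before suspecting the switch. In RFC 1542 the broadcast flag is the top bit of the 16-bit flags field; a client sets it to ask that replies be sent as broadcasts because it cannot yet receive unicast IP, and the remaining flag bits must be zero. The function names and the sample packet are constructed for illustration.

```python
import struct

BOOTP_MIN_LEN = 300                      # RFC 951 layout incl. 64-byte vendor area
MAGIC_COOKIE = bytes([99, 130, 83, 99])  # starts the vendor area when options are used
BROADCAST_FLAG = 0x8000                  # RFC 1542: top bit of the flags field

def check_bootp_request(payload):
    """Inspect the UDP payload of a BOOTP client request; return fields and anomalies."""
    if len(payload) < 236:               # fixed header up to the end of 'file'
        return {"problems": ["truncated header: %d bytes" % len(payload)]}
    op, htype, hlen, hops, xid, secs, flags = struct.unpack("!BBBBIHH", payload[:12])
    problems = []
    if op != 1:
        problems.append("op is %d, expected 1 (BOOTREQUEST)" % op)
    if htype == 1 and hlen != 6:
        problems.append("hlen is %d, expected 6 for Ethernet" % hlen)
    if flags & ~BROADCAST_FLAG & 0xFFFF:
        problems.append("reserved flag bits set: 0x%04x" % flags)
    if len(payload) < BOOTP_MIN_LEN:
        problems.append("payload is %d bytes, shorter than 300" % len(payload))
    return {
        "xid": xid,
        "broadcast": bool(flags & BROADCAST_FLAG),
        # chaddr starts at offset 28 and is at most 16 bytes long
        "chaddr": ":".join("%02x" % b for b in payload[28:28 + min(hlen, 16)]),
        "has_magic_cookie": payload[236:240] == MAGIC_COOKIE,
        "problems": problems,
    }

def sample_request(flags=BROADCAST_FLAG, hlen=6):
    """Constructed 300-byte request from a made-up client MAC 00:11:22:33:44:55."""
    header = struct.pack("!BBBBIHH", 1, 1, hlen, 0, 0x12345678, 0, flags)
    addrs = bytes(16)                                # ciaddr, yiaddr, siaddr, giaddr
    chaddr = bytes.fromhex("001122334455") + bytes(10)
    vend = MAGIC_COOKIE + b"\xff" + bytes(59)        # cookie, end option, padding
    return header + addrs + chaddr + bytes(64) + bytes(128) + vend

if __name__ == "__main__":
    print(check_bootp_request(sample_request()))
    print(check_bootp_request(sample_request(flags=0x0001, hlen=16)))
```

To use it on a real capture, pass in the UDP payload bytes exported from the Wireshark frame (the data after the UDP header, destination port 67).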
I don't have the possibility at the moment to do this test, but is DHCP or BOOTP service configured on your switch? Have you tried these commands: no ip bootp service and no service dhcp... or no ip dhcp service... I don't remember the correct syntax.
Let us know
The problem is related to your DHCP helper address. DHCP is an extended version of BOOTP and it uses the same port numbers. If you monitor carefully, you should be able to observe the outgoing unicast packet to the helper address.
This explains why the broadcast is not flooded.
Perhaps the easiest way to resolve this problem (while preserving the DHCP forwarding) is to add another helper address pointing to the server which is supposed to receive this specific request.
Disabling BOOTP forwarding is another option; it is on by default:
Thank you for your replies. Just wanted to post an update. We've currently a case open with TAC who are investigating the issue. I will let you know what the result of the case is.
Igijssel: We don't have any IP helpers configured on the switch, so I don't think that it is to blame?
Hi Jesper, I have exactly the same problem with a couple of Cisco 2960G. Can you tell me how to fix this?
Are you using port-security on any of the switchports at all?
What IOS version is the switch using?
I had the same issue, and all I had to do was enable spanning tree portfast on the ports where my clients were connected. Apparently the clients were not waiting long enough (for the ports to complete their cycle of listening, learning, forwarding) to get an IP.
Just a final follow-up.
We opened a TAC case and Cisco was unable to find any errors of any kind, but they saw and acknowledged the issue. We also tried to do a reboot of the stack, which did not help. While still fault-finding, I went on a three-week vacation. Before going on vacation I did a "no switchport port-security" on all interfaces in the stack.
Those three weeks with port-security off apparently did the trick, as the issue was gone when I got back. Strange...