Catalyst WS-C3650-48PD switch not passing DHCP info to PCs on ports 24-48

Damon Williams · ‎06-14-2016

I have an unique issue after configuring a 3650 switch setup as an access Layer 2 switch. For some odd reason nodes (PCs, laptops) are able to receive their DHCP IP info on ports 2-24 with no issue but not on ports 25-48. The trunk port is on port 1 (g1/0/1) which is connected to another access Layer 2 switch. The latter switch is connected to the core switch.

Vlan 212 is the data vlan and vlan 213 is the voice... both vlans are configured on ports 2-48 and the trunk is passing the vlans to it. I know for a fact the DHCP pool subnets for vlan 212 & 213 (10.210.2.0/24 & .3.0/24) are not used up so why would the devices not receive the IP info? Any device connected on ports 2-24 on vlan 212 & are able to reach internet. Anybody has a solution this?

Below is the configuration

!
version 15.0
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
service compress-config
!
!
boot-start-marker
boot system switch all flash:packages.conf
boot-end-marker
!
!
vrf definition Mgmt-vrf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
logging buffered informational
logging console informational
aaa new-model
!
!
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authorization exec default group tacacs+ if-authenticated
aaa authorization commands 15 default group tacacs+ if-authenticated
aaa authorization network default group tacacs+ if-authenticated
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 15 default stop-only group tacacs+
aaa accounting network default start-stop group tacacs+
!
!
!
!
!
!
aaa session-id common
clock timezone AR -3 0
switch 1 provision ws-c3650-48pd
!
no ip domain-lookup
ip device tracking
!
!
!
table-map AutoQos-4.0-Trust-Cos-Table
default copy
!

!
!
!
!
!
diagnostic bootup level minimal
spanning-tree mode pvst
spanning-tree extend system-id
!
redundancy
mode sso
!
!
ip ssh version 2
!
class-map match-any non-client-nrt-class
match non-client-nrt
!
policy-map port_child_policy
class non-client-nrt-class
bandwidth remaining ratio 10
!
!
!
!
!
!
interface GigabitEthernet0/0
vrf forwarding Mgmt-vrf
no ip address
negotiation auto
!
interface GigabitEthernet1/0/1
switchport mode trunk
!
interface GigabitEthernet1/0/2
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/3
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/4
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/5
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/6
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/7
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/8
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/9
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/10
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/11
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/12
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/13
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/14
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/15
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/16
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/17
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/18
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/19
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/20
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/21
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/22
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/23
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/24
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/25
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/26
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/27
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/28
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/29
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/30
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/31
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/32
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/33
switchport access vlan 212
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/34
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/35
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/36
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/37
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/38
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/39
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/40
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/41
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/42
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/43
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/44
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/45
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/46
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/47
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/0/48
switchport access vlan 212
switchport mode access
switchport voice vlan 213
spanning-tree portfast
!
interface GigabitEthernet1/1/1
switchport mode trunk
!
interface GigabitEthernet1/1/2
!
interface TenGigabitEthernet1/1/3
!
interface TenGigabitEthernet1/1/4
!
interface Vlan1
no ip address
no ip route-cache
shutdown
!
interface Vlan211
ip address 10.210.1.11 255.255.255.0
no ip redirects
no ip route-cache
!
ip default-gateway 10.210.1.1
ip http server
ip http authentication local
no ip http secure-server
!
!
snmp-server enable traps vtp
snmp-server enable traps vlancreate
snmp-server enable traps vlandelete
snmp-server enable traps envmon fan shutdown supply temperature
snmp-server enable traps port-security
snmp-server enable traps entity
snmp-server enable traps config-copy
snmp-server enable traps config
snmp-server enable traps bridge newroot topologychange
snmp-server enable traps stpx inconsistency root-inconsistency loop-inconsistency
snmp-server enable traps syslog
snmp-server enable traps mac-notification change move threshold
snmp-server enable traps vlan-membership
!
tacacs-server host 10.208.93.24
tacacs-server directed-request
tacacs-server key 7 06110E33404B1D14001E1C
!

!
line con 0
exec-timeout 30 0
logging synchronous
stopbits 1
line aux 0
exec-timeout 30 0
logging synchronous
stopbits 1
line vty 0 4
exec-timeout 30 0
length 0
transport input telnet ssh
line vty 5 15
exec-timeout 30 0
transport input telnet ssh
!
ntp peer 10.208.87.23
wsma agent exec
profile httplistener
profile httpslistener
wsma agent config
profile httplistener
profile httpslistener
wsma agent filesys
profile httplistener
profile httpslistener
wsma agent notify
profile httplistener
profile httpslistener
!
wsma profile listener httplistener
transport http
!
wsma profile listener httpslistener
transport https
ap group default-group
end

saarbue5flsw1#

Philip D'Ath · ‎06-14-2016

What software version are you running on your switch?

Damon Williams · ‎06-14-2016

SW. Ver: 03.03.05SE

SW Image: cat3k_caa-universalk9

Philip D'Ath · ‎06-14-2016

That is not a good release of code. Before you do any further investigation upgrade to 3.6.4E.

https://software.cisco.com/download/release.html?mdfid=284850605&softwareid=282046477&release=3.6.4E&relind=AVAILABLE&rellifecycle=MD&reltype=latest

Damon Williams · ‎07-06-2016

Hi Philip,

In case this issue may occur again, the 3650 switch had an issue with one of it's ASICs that has been documented for the C3850-48P switch. Unfortunately there was no work around for the C3650-48P except having Cisco replace the switch via RMA. Upgrading the IOS to the recommended version or latest version did not fix the problem. Below are the detailed symptoms from Cisco:

Traffic not forwarding on access ports on one ASIC, while Mac&ARPareLearn

CSCux39091

Description

Symptom:
A WS-C3850-48P may not forward packets out of the ports associated with either forwarding ASIC 1 (port 1-24) or forwarding ASIC 0 (ports 25-48). During the packet loss the EGR_MISC_FATAL_ERROR counter increments in the "show controllers ethernet-controller port-asic statistics exceptions switch {switch#}” command output for the effected ASIC

Conditions:
The issue can be seen if the switch is doing L3 or L2 forwarding. MAC and ARP table entries are complete

The issue has been seen until now on a WS-C3850-48P running 3.3.5 and 3.3.0

Workaround:
The issue was resolved after an upgrade to 3.6.3. It is unclear at this point whether the code upgrade or the switch reload fixed the issue

Further Problem Description:

Customer Visible

Add Notification

Save Bug

Open Support Case (0)

Details

Last Modified:

Jun 4,2016

Status:

Terminated

Severity:

2 Severe

Product:

(1)

Cisco Catalyst 3850 Series Switches

Known Affected Releases:

(1)

n/a

Known Fixed Releases:

(0)

No release planned to fix this bug

johnd2310 · ‎06-14-2016

Hi,

Have you tried defaulting interfaces 25-48 and reapplying the config to these ports?

Thanks

John

**Please rate posts you find helpful**

Damon Williams · ‎06-15-2016

Hi John,

I removed the commands under ports 25-48 and reapplied them. The issue still occurred

Philip D'Ath · ‎06-15-2016

Have you tried the software upgrade I recommended? I wouldn't waste time doing much else until that is done. You are not using a good version of code.

Damon Williams · ‎06-15-2016

Yep I updated the software version. I'm still having the same issue.

This is the only access layer 2 switch not directly connected to the core switch. There's a trunk going to an access switch to get to the core switch. Apparently this is the only switch having this issue.

Philip D'Ath · ‎06-15-2016

You just triggered something in my memory - core switch. I assume the core switch is where the DHCP server is?

Any chance the core switch has DHCP snooping or something else configured which might be blocking this?