Cisco SG250 not passing DHCP traffic on same vlan across trunk.

michiganbroadband · ‎04-23-2020

Very simple setup and I'm getting no DHCP traffic across a VLAN trunk on the same VLAN.
If I configure static IP on the problem end it works fine.
I have deployed a number of SG-200 switches in a number of locations and have never had this problem.
I'm not sure if it's due to layer 3 functionality in the SG250 or not.
I do not need layer 3 functionality.
This post is a placeholder.
I probably have some reading & testing to do ahead of me.
I'm unfamiliar with the SG250.
I'm trying to do a pretty basic simple setup and htis thing is fighting me every step of the way for hours now.
It's been one thing after another including not being able to simply set the static IP address on the management VLAN.
There's a "workaround" which I of course found but it looks like it has not been fixed since 2018.
And then the auto smartports stuff.. many of my ports magically changing all by themselves into a configuration that does not work. I turned that off.
It's 11:30 PM local time I've been beating this for hours and not getting anywhere.
Had to put the SG200 back in place to get it working again.
It's a big manual I'll be reading it.
If you have any pointers why the SG250 will not pass DHCP while the SG200's do it fine I'd love a pointer or two.
Must be something on by default blocking it. (I have nto found it)..
And I'm wondering if 'layer3 functionality' is responsible or not.
Thanks!
Steve

michiganbroadband · ‎04-23-2020

Just for clarification this is NOT a router subnet.
Just bridged across a tagged vlan.
Tried ports in access and trunked mode to get on the vlan.
Works as expected except for DHCP not passing across the tagged VLAN trunk.

Georg Pauwen · ‎04-24-2020

Hello,

go to:

IP Configuration > IPv4 Management and Interfaces >DHCP Snooping/Relay > Properties.

and select:

• DHCP Relay—Select to enable DHCP Relay

Does that make a difference ?

michiganbroadband · ‎04-24-2020

Hi!

Pretty sure I tried this (late at night)
I have the switch back at my test bench and will try it again and let you know what happens.

This has always worked with an SG200 on each end.
This is my first SG250 I have tried.. there is an SG200 at the far end where I am not getting the DHCP from
These VLANs are isolated from each other.
If we are using DHCP there is a single individual DHCP server at the far end on the VLAN.
This is not on a different network or subnet.
Thanks!

michiganbroadband · ‎04-24-2020

Hi Georg,

I do not see this option there.

Under IPv4 Management and Interfaces

Only options are:

IPv4 Interfaces
IPv4 Static Routes
IPv4 forwarding Table

This is an SG250 with latest firmware: 2.5.0.92

Thanks!
Steve

michiganbroadband · ‎04-24-2020

Oh wait, GUI defaults to "basic"
:(
I'll try this again.

michiganbroadband · ‎04-24-2020

Still no DHCP snooping option. in advanced view.

michiganbroadband · ‎04-24-2020

There is DHCP Relay but there is not DHCP snooping.

I tried turning on DHCP Relay for the VLAN last night and it made no difference.

michiganbroadband · ‎04-24-2020

I just tried it again.. and it's working on the test bench. (DHCP Relay applied to the specific VLAN).
Not sure why it didn't work last night on site.

Round Two *FIGHT!*

Maybe the SG200 turns this on by default?
Or at least it seems to pass this and work by default.

paul driver · ‎04-24-2020

Hello
What you have stated doesn’t seem correct.
You have a dhcp server running on your network connected to a switch that has only L2 capabilities but your using trunks, which suggest multiple vlans, and if you have those then you require L3 routing which you state you don’t require?

Do you have a topology diagram you could share it would assist in providing a possible solution?

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

michiganbroadband · ‎04-24-2020

Hi,

I have several vlans.
They are NOT routed to each other in any way and are isolated from each other.
I use tagging to transport them across a trunk port to the far end.
Trunk between the sites had default vlan1 on the trunk port and several tagged vlans (2,3,4,5) on the trunk port.
I have certain ports at each end configured to only use the vlans 2 3 4 or 5 at both sites.
The vlans are separated and do not interact with each other, no routing or any for of cross communication.
If using DHCP there is a DHCP server on one of the configured ports for that VLAN.
This works perfectly and as expected with an SG200 at each end.
I have introduced an SG250 to replace one of the SG200 switchs and have run into this problem.
*repeating myself a few times here sorry.
Each has it's own DHCP server (if DHCP is being used on that network).
It's pretty simple.
And it works good with any of the SG200 switches.
I am trying out the SG250 at one of the far ends and not getting the DHCP there except on default VLAN 1.
I trunk the vlans to the remote site (tagged) and distribute them to access ports at the far end on the SG250.
Everything works as expected except DHCP.

I can draw out a diagram if needed.

Pretty simple though.
Thanks!

michiganbroadband · ‎04-24-2020

This is crude.
Not used visio in over 20 years.

paul driver · ‎04-24-2020

Hello
Dhcp relay shouldn't make any difference here as the the client resides in the same vlan as the server in the same broadcast domain -

if applicable just for testing can you make the trunk interconnecting the two switches an access port in vlan 2 and test again ?

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

michiganbroadband · ‎04-24-2020

At the end of the day everything works (without DHCP relay or snooping).
SG250 does not seem to have snooping option.
This is all my fault I've gone full stupid.
It was a long day and a new product that I am learning.
I completely forgot that about two years ago I moved the DHCP server to the other end (locally where I was working at)
Versus the far end where it used to be.
Just had it stuck in my head that the DHCP server was located at the far end and not locally :(
Even though I had documented the DHCP server move in the past.
Still had it stuck in my head where I thought it was located.
For the life of me I have not figured out why my test bench setup appeared to have the same 'problem' .
And why turning on DHCP relay for the VLAN appeared to 'fix' it.
I can only assume multiple layers of stupid on my part this time around.
Everything is working as expected now.
Except the Administrative Auto Smartport stuff.
I don't get it. had to disable it. Ports kept doing some strange things I didn't understand and breaking the system.
Also after disabling that and getting everything stable I keep seeing the flashing "save" button when nothing
has been changed anywhere. and especially after reboots/power cycles.

Also on the far end every single port turned into a trunk instead of access.
I know for sure I didn't do that. and rebooting it didn't fix it and I never clicked on save. Ever!
Weird stuff.
Still works that way but I'm uneasy about it and it's far away.
Won't be able to fix it soon.