Re: DHCP Conflicts on Core Switch

sathish.062 · ‎08-07-2018

Hi Friend,

I am facing issue with one of IP DHCP scope, IP's are conflicting. The scope is configured on Core Switch. Please find below-required information.

Please help me to find the solution.

interface Vlan40

description "VOICE0 10.220.31.128/26"

ip address 10.220.31.129 255.255.255.192

ip pim sparse-dense-mode

ip igmp version 3

end

Pool VLAN40_VOICE0 :

Utilization mark (high/low) : 100 / 0

Subnet size (first/next) : 0 / 0

Total addresses : 62

Leased addresses : 15

Excluded addresses : 17

Pending event : none

1 subnet is currently in the pool :

Current index IP address range Leased/Excluded/Total

10.220.31.161 10.220.31.129 - 10.220.31.190 15 / 17 / 62

ip dhcp pool VLAN40_VOICE0

network 10.220.31.128 255.255.255.192

default-router 10.220.31.129

dns-server 10.220.31.19 10.220.70.121

option 150 ip 10.220.70.67 10.220.70.68 10.220.22.160

004384: Aug 7 2018 22:28:59.060 EDT: %DHCPD-4-PING_CONFLICT: DHCP address conflict: server pinged 10.220.31.156.

004385: Aug 7 2018 22:29:00.066 EDT: %DHCPD-4-PING_CONFLICT: DHCP address conflict: server pinged 10.220.31.157.

004386: Aug 7 2018 22:29:01.073 EDT: %DHCPD-4-PING_CONFLICT: DHCP address conflict: server pinged 10.220.31.158.

004387: Aug 7 2018 22:29:02.088 EDT: %DHCPD-4-PING_CONFLICT: DHCP address conflict: server pinged 10.220.31.159.

Meheretab Mengistu · ‎08-07-2018

It seems that the switch has been reloaded and forgot the leases. As a result, the switch tried to assign IP addresses which were already being used and you got the messages.

Use "clear ip dhcp conflict *" to clear the IP address conflicts and try again.

P.S.:- Please rate helpful answers and solve it once you get the correct solution.

HTH,

Meheretab

HTH,
Meheretab

andresfr · ‎08-07-2018

Hello Sathish,

What's happening is that the Core switch will ping the IP address it intends to allocate to a client before replying to the DHCP request. If the router receives ICMP Echo Reply message (response to ping), the address is obviously in use. If the DHCP conflict logging is enabled (default), the router will log the conflict with a syslog message (not in a separate log file) and put the address on the list of conflicts. The addresses on that list (displayed with show ip dhcp conflict) are not used in the future (similar to the addresses configured with the ip dhcp excluded-addresses command). To reuse a conflicting address, the network operator has to remove it from the list with the clear ip dhcp conflict address (or * for all addresses) command.

Action Plan:

=========

1. Run the following command and share the output

show ip dhcp conflict

2. To reuse conflicting IP address run the following:

clear ip dhcp conflict *

3. Check if you have DHCP database agent configured:

show run | i ip dhcp database

4. If you don't have DHCP databa agent configured (the previous command will return no output) then the solution will be to disable the conflict logging feature with the no ip dhcp conflict logging configuration command. Even without conflict logging, there's no DHCP functionality loss and no chance of duplicate address allocation, as the router would still check whether an IP address is active before allocating it (and later on, it would be willing to re-check the conflicting IP address).

configure terminal

no ip dhcp conflict logging

end

!

wr

If you don't use DHCP database agents and you don't disable conflict logging (default setup), you'll have to clear the conflicts manually after a reload and you might potentially exhaust the DHCP pool because of a large number of blocked conflicting addresses.

----

Similar post:

https://community.cisco.com/t5/routing/dhcp-database-agent/td-p/896134

Documentation just for reference:

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_dhcp/configuration/dhcp-xe-3se-3650-book/config-dhcp-server.html#GUID-5F022CF5-671E-49E7-8FBD-69997EEBC730

Seb Rupik · ‎08-08-2018

Hi there,

Had the core switch been reload prior to you seeing these messages?

They are generated when the DHCP server process tries to allocate an IP address which it believes is free (according to its internal database) but finds it is not.

The fix is to store the DHCP database in a permanent location, either on local flash or remotely (eg TFTP, FTP) so that DHCP lease state is preserved.

cheers,

Seb.

sathish.062 · ‎08-08-2018

Thanks for your reply. Core Switch was rebooted 7 days before but we are facing this for last 2 days. Let me try what you have suggested.

Jerome BERTHIER · ‎08-08-2018

Hi

This starts when dhcp leases begin to expire on device.
Then devices will start to claim a renew of their address, the switch will ping it and so mark it as conflict because already up in the network.

You have to store the database lease on the flash in order to keep it resilient to reload of the switch :
ip dhcp database flash://dhcp-leases

Regards

Jérôme

andresfr · ‎08-08-2018

Hello Sathish,

I hope you're doing great.

Did you have a chance to test the suggested actions?

Please don't forget to share your results so other can benefit as well and consider rating the post.

Regards,