cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2881
Views
0
Helpful
19
Replies

DHCP Issues with VLAN setup

ALIAOF_
Level 6
Level 6

I ran into a non standard network setup and there seems to be many DHCP Bad Address issues happening on the DHCP server. 

This is a Windows DHCP server with second DHCP server as a backup.

Attached diagram shows how things are setup. 

 

Basically two /24's have been carved out of Site2's /16 network and setup as secondary addresses on the Site1's L3 switch.

 

There are two static routes on Site1 router for the two /24's.  Would the secondary IP's cause issues in this case? 

 

Looking for thoughts on this, thank you in advance.

19 Replies 19

Hello,

 

how is the backup DHCP server set up, did you split the scope ? Since you have two IP helper addresses, the clients will get an IP address from the first server to respond. The secondary addresses should not be a problem.

Second DHCP is failover so it is supposed to only respond back if the primary is down.

 

Reza Sharifi
Hall of Fame
Hall of Fame

Hi,

What type of devices are these? If these are switches, you don't have to have secondary addresses. You can simply use vlans with SVIs. Also, is the DHCP server reachable from all networks? Can the DHCP server reach all networks in both site1 and 2?

HTH

These are switches and yes VLAN's would have been my preferred method but God knows who set it up like this and why.  I am just curious since the IP range of secondary IP's is from Site2's VLAN1 if somehow that is generating two DHCP requests?

 

Yes DHCP server can access all sites.

Hello,

 

--> I ran into a non standard network setup and there seems to be many DHCP Bad Address issues happening on the DHCP server. 

 

With bad DHCP addresses you mean what exactly ? The clients get addresses from the wrong scope ?

No, running into this issue.

 

https://www.petenetlive.com/KB/Article/0001651

 

Hello,

 

have you tried to enable IP address conflict detection on the Windows machine ?

 

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd183587(v=ws.10)?redirectedfrom=MSDN

 

Also, do the logs give any indication which MAC address(es) are generating the BAD_ADDRESS entries ?

 

 

Yes checked with the customer couple of times and he said that it is enabled.

 

Logs show the MAC?  I don't think there are any MAC's in the MS Windows DHCP logs.

Hello,

 

are the clients getting IP addresses just for the primary subnet, or also for the secondary address subnets ?

Secondary are static only.  DHCP is only for the 10.21.0.0/16 network.

Hello,

 

the logs, by default, are in the C:\Windows\System32\dhcp directory. There should be one log file per day. Ask the customer to send you one of these files, and check if there is a MAC address that shows up very often. If so, try and find the device that belongs to that MAC address. A bad NIC could cause this...

Hi,

 

     Having two "ip helper-address" configured, it means the router will relay a received DHCP Discovery message, as unicast, to both configured helper-addresses (your DHCP servers); both will reply, and the client will continue the discussion with the server from which the first reply was received (for obvious reasons, faster IP address assignment). If both DHCP servers are using the same scope, both may end up leasing the same IP addresses (you should split the scope or have it configured in active/standby if supported).

     By default, the DHCP Relay Agent on Cisco devices, will set in the relayed DHCP unicast packet, the "giaddr"value to the primary IP address of the interface where the DHCP Discovery was received. 

    In case you want the DHCP server to assign addresses for the secondary subnets configured on the DHCP Relay Agent, you need to configure "ip dhcp smart-relay" on the Relay Agent, which means the following changes: only in case the Relay Agent receives no  DHCP OFFER from the configured helper-addresses, it retries three times, and afterwards set the "giaddr" value to the first configured secondary address of the interface where the DHCP Discovery was received; if it still gets no DHCP OFFER, it retries three times and afterwards sets the "giaddr" value to the next configured secondary address of the interface where the DHCP Discovery was received.

 

     So from the DHCP configuration on the Relay Agent, there is nothing wrong.

 

Regards,

Cristian Matei.

Thank you for the reply, please see below:

 

DHCP servers are setup with the fail over configuration so only one is supposed to respond unless the primary goes down only then the secondary is supposed to respond.  I talked to multiple systems engineers and they confirmed this behavior, unless I'm missing something please do let me know.

 

We do not need DHCP to assign IP's for the secondary subnet, there is no issue with the assignment, issue is that one of the scope is getting filled with "BAD_ADDRESS".  Like shown here.

https://www.petenetlive.com/KB/Article/0001651

 

10.21.0.0/16 network is getting IP's but it fills up with these BAD_ADDRESS IP's so customer has to keep cleaning them up.

 

Hi,

 

    When that happens, see to which MAC address was the IP address leased and chase it through the switches,see where it leads.

 

Regards,

Cristian Matei.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: