Solved: Thanks alot for your help by

Kekun · ‎07-14-2017

Router : C891F (1 Gigabit L3 port and 8 switch ports)

It's probably easy but I don't know what's wrong. To put you in context, I configured a router out of the main LAN and everything worked except that 1 computer was stuck with an APIPA address while another plugged in the same port recieved DHCP no problem.

After work hours, I plugged the organization's unmanageable switch into the port that had been configured for that switch but Nothing (yes, the config has been saved before turning off the router). Everything gets an APIPA address. I rebooted the router and access point, no change. I rebooted the computers, no change. Rebooted the switch, no change. I set up static IPs, now I can connect to the management interface but still no internet access and anyway, I want DHCP to work, not set static IPs everywhere. I had already tried the router on the real network and it worked fine so I Wonder what's the problem.

Does it have to do with the DHCP lease time? Does it have anything to do with the client MAC address? Is the computer refused DHCP or is it just unable to communicate with the server (which worked before I moved the router)?

Is the server trying to remember computers or Something? Can I prevent this?

Kevin Rivest · ‎07-17-2017

You have to remove the subnet prefix-length command from the DHCP pools:

ip dhcp pool ORG1
utilization mark high 20 log
utilization mark low 2 log
network 192.168.1.0 255.255.255.0
subnet prefix-length 24
default-router 192.168.1.1
dns-server x.x.x.x x.x.x.x x.x.x.x
!
ip dhcp pool ORG2
utilization mark high 20 log
utilization mark low 2 log
network 192.168.2.0 255.255.255.0
subnet prefix-length 24
default-router 192.168.2.1
dns-server x.x.x.x x.x.x.x x.x.x.x

This command is used by a subnet allocation server to allocate a subnet whose size is based upon the specified CIDR length, instead of an individual address from a DHCP server. The subnet mask specified within the network command in the DHCP pool is what assigns the subnet mask to DHCP clients.

View solution in original post

Georg Pauwen · ‎07-14-2017

Hello,

I am not clear on your physical setup. Is it:

Client -->Unmanaged Switch --> Router ?

Is the router configured as DHCP server ? Can you post the config of the router ?

Kekun · ‎07-17-2017

Sorry for the late reply,

Yes, it is client ---> unmanageable switch ----> router

The router is configured as DHCP server

There are 2 organizaitons using the router and access point (AIR-AP-1852i-A-K9)

There are 2 unmanageable switches, one per organization.

ORG1's switch is plugged in G0 switchport (Access vlan 1) of the C891F ISR router

ORG2's switch is plugged in G1 switchport (Access vlan 2) of the C891F ISR router

vlan 10 is management vlan for both the router and access point.

vlan 3 will be for a guest wlan and is not used at the moment.

Here is the relevant part of the running config :

no ip dhcp use class
ip dhcp binding cleanup interval 300
ip dhcp excluded-address 192.168.1.50 192.168.1.60
ip dhcp excluded-address 192.168.2.5
!
ip dhcp pool ORG1
utilization mark high 20 log
utilization mark low 2 log
network 192.168.1.0 255.255.255.0
subnet prefix-length 24
default-router 192.168.1.1
dns-server x.x.x.x x.x.x.x x.x.x.x
!
ip dhcp pool ORG2
utilization mark high 20 log
utilization mark low 2 log
network 192.168.2.0 255.255.255.0
subnet prefix-length 24
default-router 192.168.2.1
dns-server x.x.x.x x.x.x.x x.x.x.x

!
interface BRI0
no ip address
encapsulation hdlc
isdn termination multidrop
!
interface FastEthernet0
no ip address
shutdown
duplex auto
speed auto
!
interface GigabitEthernet0
no ip address
auto discovery qos
!
interface GigabitEthernet1
switchport access vlan 2
no ip address
auto discovery qos
!
interface GigabitEthernet2
switchport trunk native vlan 10
switchport trunk allowed vlan 1-3,10,1001-4094
switchport mode trunk
no ip address
!
interface GigabitEthernet3
no ip address
shutdown
!
interface GigabitEthernet4
no ip address
shutdown
!
interface GigabitEthernet5
no ip address
shutdown
!
interface GigabitEthernet6
no ip address
shutdown
!
interface GigabitEthernet7
no ip address
shutdown
!
interface GigabitEthernet8
ip address dhcp
ip access-group 1 out
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface Vlan1
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface Vlan2
ip address 192.168.2.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface Vlan3
ip address 192.168.3.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface Vlan10
ip address 192.168.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface Vlan100
no ip address
shutdown
!
interface Async1
no ip address
encapsulation slip
routing dynamic
!
interface Async3
no ip address
encapsulation slip

I got these messages from the DHCP event debug :

*Jul 17 18:37:48.331: DHCPD: client's VPN is .
*Jul 17 18:37:48.331: DHCPD: No option 125
*Jul 17 18:37:48.331: DHCPD: Sending notification of DISCOVER:
*Jul 17 18:37:48.331:   DHCPD: htype 1 chaddr 1c4b.d678.4dce
*Jul 17 18:37:48.331:   DHCPD: remote id 020a0000c0a8020102010002
*Jul 17 18:37:48.331:   DHCPD: circuit id 00000000
*Jul 17 18:37:48.331: DHCPD: DHCPDISCOVER received from client 011c.4bd6.784d.ce on interface Vlan2.
*Jul 17 18:37:48.331: DHCPD: Seeing if there is an internally specified pool class:
*Jul 17 18:37:48.331:   DHCPD: htype 1 chaddr 1c4b.d678.4dce
*Jul 17 18:37:48.331:   DHCPD: remote id 020a0000c0a8020102010002
*Jul 17 18:37:48.331:   DHCPD: circuit id 00000000
*Jul 17 18:37:48.331: DHCPD: there is no address pool for 192.168.2.1.

But a pool is configured. A DHCP class was defined for both pools but I removed them and Nothing changed.

Result is the same if I use network 192.168.1.0 /24

Anyway, Why does it say there is no pool for 192.168.2.1 when it clearly is configured?

**EDIT** Internet access works perfectly when static IP addresses are being used.

Georg Pauwen · ‎07-17-2017

Hello,

check if your IOS supports the spanning-tree portfast trunk command:

interface GigabitEthernet2
switchport trunk native vlan 10
switchport trunk allowed vlan 1-3,10,1001-4094
switchport mode trunk
spanning-tree portfast trunk
no ip address

What type/platform is the unmanaged switch ?

Kekun · ‎07-17-2017

It doesn't, only spanning-tree portfast command works.

Here's what it says :

Router(config-if)#spanning-tree portfast
%Warning: portfast should only be enabled on ports connected to a single host.
Connecting hubs, concentrators, switches, bridges, etc.to this interface
when portfast is enabled, can cause temporary spanning tree loops.
Use with CAUTION

%Portfast has been configured on GigabitEthernet2 but will only
have effect when the interface is in a non-trunking mode.

I disabled it with "no spanning-tree portfast".

*Edit : The trunk is connected to the access point. Should not be a problem (I think) as Wireless clients also can connect if given static IP addresses

Kekun · ‎07-17-2017

Here's the debug log of a computer connected to ORG1's unmanageable switch (which is connected in G0 of the router) and trying to get DHCP :

*Jul 17 19:19:08.675: DHCPD: client's VPN is .
*Jul 17 19:19:08.675: DHCPD: No option 125
*Jul 17 19:19:08.675: DHCPD: Sending notification of DISCOVER:
*Jul 17 19:19:08.675:   DHCPD: htype 1 chaddr 001b.fcf5.9976
*Jul 17 19:19:08.675:   DHCPD: remote id 020a0000c0a8010100010001
*Jul 17 19:19:08.675:   DHCPD: circuit id 00000000
*Jul 17 19:19:08.675: DHCPD: DHCPDISCOVER received from client 0100.1bfc.f599.76 on interface Vlan1.
*Jul 17 19:19:08.675: DHCPD: Seeing if there is an internally specified pool class:
*Jul 17 19:19:08.675:   DHCPD: htype 1 chaddr 001b.fcf5.9976
*Jul 17 19:19:08.675:   DHCPD: remote id 020a0000c0a8010100010001
*Jul 17 19:19:08.675:   DHCPD: circuit id 00000000
*Jul 17 19:19:08.675: DHCPD: there is no address pool for 192.168.1.1.

G0 and G1 are on access mode, G0 is vlan 1 and G1 is vlan 2.

Should I set them in trunk mode? I thought I didn't have to since I want only vlan1 to go through G0 and only vlan2 to go through G1. Assigning IP addresses to vlans and associating them with a physical port seemed like the way to go to "simulate" a L3 port. Basically, vlan1 and vlan2 are the DHCP servers because otherwise, G0, G1 and G2 are mere switchports that cannot be configured with anything regarding L3.

Maybe it's all that switch/router in one device + WLC/Access point in one device that makes it hard for me to find documentation that actually works with the setup I have...

I'm sure I didn't configure Something correctly because it's a switch/router. I only learned with separate switches and routers. Never had trouble with those but this ISR router.... Damn

Georg Pauwen · ‎07-17-2017

Hello,

what type/brand is the unmanaged switch ? You need to have the uplink on that switch configured as a trunk as well, is that the case ?

Kekun · ‎07-17-2017

I just saw you asked for that, ORG1's switch (G0) is a D-Link DGS-1016D

Org2's switch (G1) is a HP Procurve 1410-16g

It is impossible to configure anything in those switches. Aren't they supposed to let everything through by default?

**Edit :G0 and G1 in the router are set as access ports but if a trunk is required I'll try

Georg Pauwen · ‎07-17-2017

Hello,

sorry for the confusion. D-Link is connected to GigabtEthernet0, and HP Procurve to GigabitEthernet1. So what is connected to GigabitEthernet2 ?

Kekun · ‎07-17-2017

Sorry for not being clear the first time ;)

Connected to G2 is the Access point for their wifi networks. Everything seems to work well on that side but the Wireless clients have the same issue as wired : No DHCP, need static ip addressing.

So in short : G0 : ORG1's unmanageable switch

G1 : ORG2's unmanageable switch

G2 : Cisco AIR-AP-1852i-A-K9 (with mobility express)

Georg Pauwen · ‎07-17-2017

Hello,

the unmanaged switches work (most likely) only with the default Vlan, Vlan 1. So the only thing to get clients connected to these switches an IP address assigned is to set GigabitEthernet0 and GigabitEthernet1 as access ports in Vlan 1. For the wireless clients, do you have the port on the AP configured as a trunk, with the same native Vlan, and allowing the same Vlans on that trunk ?

In any case, 192.168.1.1 and 192.168.2.1 need to be excluded addresses.

Kekun · ‎07-17-2017

For the access point :

The management interface in on vlan 10 and the access point requires the management interface vlan to be the native vlan of the trunk.

interface GigabitEthernet2
switchport trunk native vlan 10
switchport trunk allowed vlan 1-3,10,1001-4094
switchport mode trunk
no ip address

Vlan trunking is enabled on the AP, the flexconnect native vlan is 10 and vlan 1 and 2 have also been configured

FlexConnect Vlan mode :.......................... Enabled
        Native ID :..................................... 10
        WLAN 1 :........................................ 1 (AP-Specific)
        WLAN 2 :........................................ 2 (AP-Specific)
FlexConnect VLAN ACL Mappings
Vlan :........................................... 1
        Ingress ACL :................................... None
        Egress ACL :.................................... None

--More-- or (q)uit
Vlan :........................................... 2
Ingress ACL :................................... None
Egress ACL :.................................... None
FlexConnect Group................................ default-flexgroup
Group VLAN ACL Mappings

Group VLAN Name to Id Mappings

AP-Specific FlexConnect Policy ACLs :
L2Acl Configuration ............................. Not Available
FlexConnect Local-Split ACLs :

WLAN ID PROFILE NAME ACL TYPE
------- -------------------------------- --------------------------------- -------

(Cisco Controller) >show interface summary

Number of Interfaces.......................... 3

Interface Name                   Port Vlan Id IP Address      Type    Ap Mgr Guest
-------------------------------- ---- -------- --------------- ------- ------ -----

management                       1      10       192.168.10.2    Static Yes    No
virtual                          N/A N/A      192.0.2.1       Static No     No

Also, G0 is already in access mode for vlan 1 and G1 in access mode for vlan 2. So far, there is no difference. Anything on G0 (vlan 1) can't get DHCP more than clients on G2. When assigned a static IP, clients in vlan 2 (G2 and wlan2) have internet connectivity and can ping any other client in vlan1 192.168.1.0 /24. I think the access VLAN can be set on Something else than vlan 1 and still work but right now even the default vlan doesn't make a difference

Georg Pauwen · ‎07-17-2017

Hello,

what happens if you set both GigabitEthernet0 and GigabitEthernet1 to:

switchport mode trunk

Kekun · ‎07-17-2017

I tried and lost connectivity on the staticly assigned clients. It started working again when I changed back to access ports

Kekun · ‎07-17-2017

Thanks alot for your help by the way.

I restarted DCHP with

>en

#conf t

(config)#no service dhcp

(config)#service dhcp

still Nothing. Everything has been rebooted several times already and nothing changed.

I cleared everything I could about DHCP on the router, reset connection settings and rebooted clients

Most computers have recieved an IP address from DHCP at least once and the config was the same as I posted except DHCP classes were configured in order to assign a specific range of ip addresses. It stopped working at some point when the router was unplugged for several minutes. I plugged everything back exactly like it was before and poof, everyone gets an APIPA...

**EDIT** : Sorry for the spam but actually, before I turned off the router to place it somewhere else, it was already not working on one computer. I cleared everything I could about DHCP, bindings, leases etc.

I reset the network settings on all the computers with which I was testing (all Windows 10). It was then that everyone got an APIPA address except one computer that was on wifi (wlan 1). I moved the router to see if it would work once placed at its new location. Nothing. Even stopped working on that wifi client. Rebooted everything several times and in the end, it worked on the 2 most recent computers in the network (4th gen i3/i5) but not on the rest (All computers run Windows 10). Today, they went APIPA and required a static IP like the rest to work.

I removed the classes and entered the command

no ip DHCP use class

No change.

That's what happened exactly if it can help

DHCP no longer works after router was relocated