11-29-2016 08:55 AM - edited 03-08-2019 08:21 AM
Hi guys,
I noticed the following strange thing on different layer 3 switches. The client requests an IP address but the switch is trying to relay it instead of sending ack. We're using 3750s mainly, one acting as the dhcp with routing activated. It passes the traffic to its vpn box for all its vlans. We're using vlan 2 for our windows clients in general. Wired clients are quite fast with dhcp but the ones connecting through a wireless access point are taking up to 5 minutes until they receive their IP. The access points running flexconnect which drops all SSIDs into that vlan 2. Authentication is fast, it waits for IP when doing dhcp.
There is no relay configured on the SVI where the request came in:
interface Vlan2
ip address 10.36.94.120 255.255.255.128
end
The dhcp is set up like this:
ip dhcp pool VLAN2
network 10.36.94.0 255.255.255.128
dns-server 10.36.1.1 10.36.1.2
domain-name we-group.com
default-router 10.36.94.120
lease 0 12
The AP ports look like this:
interface FastEthernet0/12
description WLAN AP
switchport access vlan 2
switchport mode access
switchport nonegotiate
authentication host-mode multi-host
authentication port-control auto
dot1x pae authenticator
spanning-tree portfast
spanning-tree bpduguard enable
When activating dhcp server debuggin for events and packets I can see the following section recurring:
Nov 29 16:25:59.686: DHCPD: Reload workspace interface Vlan2 tableid 0.
Nov 29 16:25:59.686: DHCPD: tableid for 10.36.94.120 on Vlan2 is 0
Nov 29 16:25:59.686: DHCPD: client's VPN is .
Nov 29 16:25:59.686: DHCPD: DHCPREQUEST received from client 01e0.ca94.7ee3.da.
Nov 29 16:25:59.686: DHCPD: Finding a relay for client 01e0.ca94.7ee3.da on interface Vlan2.
...
Nov 29 16:26:17.277: DHCPD: Reload workspace interface Vlan2 tableid 0.
Nov 29 16:26:17.277: DHCPD: tableid for 10.36.94.120 on Vlan2 is 0
Nov 29 16:26:17.277: DHCPD: client's VPN is .
Nov 29 16:26:17.277: DHCPD: DHCPREQUEST received from client 01e0.ca94.7ee3.da.
Nov 29 16:26:17.277: DHCPD: Finding a relay for client 01e0.ca94.7ee3.da on interface Vlan2.
...
Nov 29 16:26:26.698: DHCPD: Reload workspace interface Vlan2 tableid 0.
Nov 29 16:26:26.698: DHCPD: tableid for 10.36.94.120 on Vlan2 is 0
Nov 29 16:26:26.698: DHCPD: client's VPN is .
Nov 29 16:26:26.698: DHCPD: DHCPREQUEST received from client 01e0.ca94.7ee3.da.
Nov 29 16:26:26.698: DHCPD: Finding a relay for client 01e0.ca94.7ee3.da on interface Vlan2.
...
I am wondering why it looks for a relay? The switch runs dhcp and receives the request on its vlan..
Is this normal behavior?
Then after a while it finally got one:
Nov 29 16:27:58.478: DHCPD: Reload workspace interface Vlan2 tableid 0.
Nov 29 16:27:58.478: DHCPD: tableid for 10.36.94.120 on Vlan2 is 0
Nov 29 16:27:58.478: DHCPD: client's VPN is .
Nov 29 16:27:58.478: DHCPD: DHCPREQUEST received from client 01e0.ca94.7ee3.da.
Nov 29 16:27:58.478: DHCPD: Sending notification of ASSIGNMENT:
Nov 29 16:27:58.478: DHCPD: address 10.36.94.40 mask 255.255.255.128
Nov 29 16:27:58.478: DHCPD: htype 1 chaddr e0ca.947e.e3da
Nov 29 16:27:58.478: DHCPD: lease time remaining (secs) = 43200
Nov 29 16:27:58.478: DHCPD: interface = Vlan2
Nov 29 16:27:58.478: DHCPD: out_vlan_id 0
Any idea what could cause the huge delay until our clients receive an IP?
11-30-2016 02:01 AM
- Make sure that the DHCP server is intended to operate in the same VRF as the client network; this thread my be usefull :
https://supportforums.cisco.com/discussion/11649636/dhcp-server-vrf
M,
12-01-2016 02:57 AM
It resides in the same subnet/vlan and we're not using vrf.
Any further idea?
03-21-2017 03:28 AM
Still need help on this. Can please someone assist? Some clients do net get any IP address when connecting through the AP. The SSID is locally switched (flexconnect). VLAN2, where the SVI resides. DHCP server is wokring without issue when clients connect by cable.. Any idea on this?
03-21-2017 04:41 AM
Hi
Try to use this command, if you detect the leasing is exceeding the configured time:
ip dhcp binding cleanup interval <seconds>
Also verify if the device needs an upgrade of IOS.
Please rate the comment if it is useful
:-)
03-21-2017 05:45 AM
Do you have DHCP relay configured on WLC? If you do, play also with option 82 to see if it will make difference.
And IP DHCP relay on WLC should point to your DHCP server IP (switch IP).
03-21-2017 07:11 AM
We do not use dhcp relaying for the SSID having the issue.
03-21-2017 10:55 AM
Try using it. I had similar issues for guest SSID when ASA was used as DHCP... For some reason, it works better when WLC is proxy-ing DHCP than through broadcast...
03-21-2017 07:04 AM
Scope it not out of addresses so it won't help me on this. Leases get cleaned up properly. Switches run 150-2.SE6 or SE10 in different locations having the same issue. APs using LWAPP image 8.0.140.0 (we cannot upgrade yet as we still have some 1242s). As it works with same hardware/versions in some locations without having issues i don't think it is related to IOS.
04-12-2018 03:05 PM
Your problem is in the AP switch port configuration. You said that the APs are in FlexConnect Mode. When the AP is in this mode, you need to put the AP port as Trunk and the administration Vlan as native.
02-03-2019 10:44 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide