Solved: Re: Dhcp not working

mgutierr · ‎01-23-2019

I have 3 vlans on a C9300 4 switches stack

have vlan 112 -> 172.16.112.0 (data)

vlan 312 -> 192.168.112.0 (voice)

vlan 221 -> 10.1.112.0 (wireless)

and a dedicated windows server for dhcp scopes for each single vlan. (172.16.0.109)

ping from the C9300 to the dhcp works fine

VLAN 112 is gathering dhcp but VLAN 221 is not , so any device connected from gi 4/0/31 to 4/0/48 is not getting

10.1.112.X address from the scope, if i do setup manually static ips on any device it works.

i'm pretty sure that you guys are going to be able to help me out

mgutierr · ‎01-30-2019

Let me answer myself on this matter:

the answer is pretty much related to DHCP protocol and how cisco handles it,

1st.

since DHCP sends broadcast traffic to a vlan it has to be controlled, so by default you just have to assign

an ip helper-address to manage dhcp requests out of your vlan.

2nd.

check if your switch has dhcp relay service enable, for my particular model (C9300) i did delete and option that was preventing dhcp to run : no service dhcp

hope it help somebody with the same issue

View solution in original post

mgutierr · ‎01-23-2019

maybe its related to this part of the config file:

class-map match-any system-cpp-police-protocol-snooping
description Protocol snooping
class-map match-any system-cpp-police-dhcp-snooping
description DHCP snooping

mgutierr · ‎01-23-2019

here is the vlan config

interface Vlan112
ip address 172.16.112.1 255.255.252.0
ip helper-address 172.16.0.109
no ip redirects
!
interface Vlan221
ip address 10.1.112.1 255.255.252.0
ip helper-address 172.16.0.109
!

johnd2310 · ‎01-23-2019

Hi,

Your vlan 221 says it's for wireless. How is the wireless network setup. Are you using controller based(lwapp) access points or autonomous access points?

Thanks

John

**Please rate posts you find helpful**

mgutierr · ‎01-23-2019

yes it has a controller with an static ip assignated,

dhcp is disabled on the controller, and i have a dhcp server on another network (iphelper 172.16.0.XXX)

but for some reason those AP are not picking IPs

johnd2310 · ‎01-23-2019

Hi,

what is the configuration of the Switch?

Thanks

John

**Please rate posts you find helpful**

mgutierr · ‎01-23-2019

please see the attachment

johnd2310 · ‎01-23-2019

Hi,

Where is the DHCP server connected to? Is it connected to the same switch stack or another switch?

Thanks

John

**Please rate posts you find helpful**

mgutierr · ‎01-23-2019

the dhcp server its on vlan 254 (172.16.0.0)

each VLAN helper is supposed to take care of routing dhcp (172.16.0.109) but something s missing

physically its on another switch, but I can access to VLAN 254

and if I ping from the stack to any available service on 172.16.0.XXX it replies , but not from VLAN 221

johnd2310 · ‎01-23-2019

Hi

According to your config vlan 254 has the following config:

!
interface Vlan254
ip address 172.16.254.112 255.255.255.0

The DHCP server is not on the same network are the gateway for vlan 254. You need to change the gateway address to the same network as the DHCP server or change the DHCP server ip to be on the same network as gateway e.g.

interface Vlan254
ip address 172.16.0.112 255.255.255.0

or if you want to change dhcp server address, then the server will be something like 172.16.254.109 and you will need to update the helper-address command

Thanks

John

**Please rate posts you find helpful**

mgutierr · ‎01-23-2019

actually i have VLAN 254 defined as :

interface Vlan254
ip address 172.16.254.1 255.255.255.0
end

but the dhcp is on other L3 switch

interface Vlan1
ip address 172.16.0.1 255.255.248.0
ip helper-address 172.16.0.109
no ip redirects
!

if i trace

traceroute 172.16.0.109 (to my dhcp server) my switch already knows how to get to it
Type escape sequence to abort.
Tracing the route to 172.16.0.109
VRF info: (vrf in name/id, vrf out name/id)
1 172.16.254.1 3 msec 3 msec 3 msec
2 172.16.0.109 1 msec 2 msec 60 msec

but i can understand why vlan 221 can reach it , from other vlans i get there

lpassmore · ‎01-23-2019

Please try to ping the DHCP server using the VLAN interface on the switch as a source.

Command differs per IOS level but something like:

E#ping
Protocol [ip]:
Target IP address: 172.16.0.190
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y

Source address or interface: vlan 221

or #Traceroute IP

Target IP address: 172.16.0.109

Source address: <vlan IP address>

Check that there is a return route on your other L3 switch for each IP range.

johnd2310 · ‎01-23-2019

Hi,

On the other switch where the dhcp server is connected. what does " show ip route 10.1.112.1"

Thanks

John

**Please rate posts you find helpful**

ebarin · ‎01-23-2019

Please, check ip/ping connectivity between vlan221 and DHCP server(172.16.0.109)

İf connectivity is succesful, try to connect laptop(with wired) for test

- if laptop can't get ip address, please check DHCP server scope configuration and parameters. Maybe you should control the logs on DHCP server

- if laptop get ip address , and wireless client still can't. You should check Wireless Controller DHCP configurations.

this document may help you to check and troubleshoot for DHCP issue on WLS

https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/110865-dhcp-wlc.pdf

mgutierr · ‎01-24-2019

here is what i got on

vlan 112 this one works fine

show ip route 172.16.0.1

Known via "eigrp 10", distance 90, metric 3072, type internal
Redistributing via eigrp 10
Last update from 172.16.254.1 on Vlan254, 22:23:39 ago
Routing Descriptor Blocks:
* 172.16.254.1, from 172.16.254.1, 22:23:39 ago, via Vlan254
Route metric is 3072, traffic share count is 1
Total delay is 20 microseconds, minimum bandwidth is 1000000 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 1

but for vlan 221 that's (10.1.112.1)

show ip route 10.1.112.1
Routing entry for 10.1.112.1/32
Known via "connected", distance 0, metric 0 (connected)
Routing Descriptor Blocks:
* directly connected, via Vlan221
Route metric is 0, traffic share count is 1

on the other end (L3 Switch)

show ip route 10.1.112.1
Routing entry for 10.1.112.0/22
Known via "eigrp 10", distance 90, metric 3072, type internal
Redistributing via eigrp 10
Last update from 172.16.254.112 on Vlan254, 22:40:01 ago
Routing Descriptor Blocks:
* 172.16.254.112, from 172.16.254.112, 22:40:01 ago, via Vlan254
Route metric is 3072, traffic share count is 1
Total delay is 20 microseconds, minimum bandwidth is 1000000 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 51/255, Hops 1