cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
534
Views
1
Helpful
12
Replies

DHCP offer issue

user1201
Level 1
Level 1

Hello, I have a problem on a switch c9407r in version 17.9.4a.

I have a device connected on a port (Gi1/0/11) on vlan 601 that sends a dhcp discovery request.
If I capture the uplink interfaces to the gateway (PO10) I can see the dhcp response with the dhcp offer frame.

However, on my equipment's interface, the dhcp offre frame doesn't go through.

Searching the logs I came across this:

113987: May 21 07:48:28.219: DHCP_SNOOPING: direct forward dhcp replyto output port: GigabitEthernet1/0/11.
113988: May 21 07:48:28.219: DHCP_SNOOPING: process new DHCP packet, message type: DHCPOFFER, input interface: Po10, MAC da: 408c.f451.12f4, MAC sa: 7854.bd5a.chfu, IP da: 192.185.1.5, IP sa: 192.185.1.1, DHCP ciaddr: 0.0.0.0, DHCP yiaddr: 192.185.1.5, DHCP siaddr: 192.232.43.12, DHCP giaddr: 192.185.1.1, DHCP chaddr: 408c.f451.12f4, efp_id: 21390295604, vlan_id: 601, bootpflag:0x0(Unicast)
113989: May 21 07:48:28.219: DHCP_SNOOPING: calling forward_dhcp_reply
113990: May 21 07:48:28.219: platform lookup dest vlan for input_if: Port-channel10, is NOT tunnel, if_output: NULL, if_output->vlan_id: 99999, pak->vlan_id: 601
113991: May 21 07:48:28.219: DHCP_SNOOPING: vlan 601 after pvlan check
113992: May 21 07:48:28.219: DHCP Memory dump is printed for direct forward reply

I can't find the problem. I tried to see if it could be dhcp snooping or device-tracking without success.

Do you have an idea of the problem?

1 Accepted Solution

Accepted Solutions

user1201
Level 1
Level 1

The problem has been found. Thank you for your help.
It was a fault on the link to the equipment.

However, I can't figure out why a link fault was preventing the dhcp offer from getting through.

There were a lot of input errors

View solution in original post

12 Replies 12

Can you draw simple topolgy and point where you enable dhcp snooping 

MHM

Hi MHM thank you for your reply

Here is a diagram of the topology as requested

user1201_0-1716301731068.png

Have a nice day !

in L3SW you need

ip dhcp relay information trust-all 

or under interface 

ip dhcp relay information trust 

MHM

Hello,

 

Have you configured the interface that received the OFFER frame as a trusted port? When configuring DHCP Snooping allports are untrusted by default and wont process DHCP server type packets.

 

-David

user1201
Level 1
Level 1

Yesterday I tried to connect my PC to the Gi1/0/11 port in vlan 601 and I received an IP **bleep** directly.

So I think the problem is between my equipment and the switch sw02. Does the fact that the equipment sends ARP requests with an APIPA **bleep** cause the problem ?

did you check my previous comment ?

also I see only device where is DHCP server connect or it local in L3SW?

MHM

Yes I will try your command on the swL3.

There are two dhcp servers on the network. The l3SW has two ip-helper to the dhcp servers

this correct ?

user1201_0-1716301731068.png

Like that :

user1201_0-1716362650466.png

 

Yes, during my test i connect PC on port Gi1/0/11 like the équipement. 

Port configuration are : 

switchport mode access 

switchport access vlan 601 

 

equipment on port gi1/0/11 is on vlan 601, dhcp discovery is on vlan 601

user1201
Level 1
Level 1

The problem has been found. Thank you for your help.
It was a fault on the link to the equipment.

However, I can't figure out why a link fault was preventing the dhcp offer from getting through.

There were a lot of input errors

Review Cisco Networking for a $25 gift card