Re: DHCP on switch 169 addresses

Bob Greer · ‎11-29-2018

Hi there,

Thanks for reading!

We have wireless clients that are getting 169 addresses. We've pushed the DHCP process to the access layer switches where APs are plugged into. One AP/switch gives clients valid IP addresses but the other doesn't. See attachment for diagram.

Here's a sample error from a client:

Nov 29 19:15:21.250: DHCP_SNOOPING: process new DHCP packet, message type: DHCPDISCOVER, input interface: Gi0/1, MAC da: ffff.ffff.ffff, MAC sa: 3441.5df9.0353, IP da: 255.255.255.255, IP sa: 0.0.0.0, DHCP ciaddr: 0.0.0.0, DHCP yiaddr: 0.0.0.0, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr: 3441.5df9.0353
Nov 29 19:15:21.250: DHCP_SNOOPING_SW: bridge packet get invalid mat entry: FFFF.FFFF.FFFF, packet is flooded to ingress VLAN: (244)

Thanks!

Bob

balaji.bandi · ‎11-29-2018

in your diagram, which one working and which one not working,

can you post Sw1 trunk port configuration, also please post working and not working switch configuration

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Bob Greer · ‎11-29-2018

Hi BB, thanks for writing!

The two trunk ports are one line only:
switchport mode trunk

The bottom switch (sw04) has the working configuration. sw03 is broken. I've attached running configs

Thanks again,

Bob

balaji.bandi · ‎11-29-2018

If you compare the configuration the SW3, SW3 do not have VLAN created, make sure you set also vtp mode a transparent.

DHCP exclude do not match, Cross check again all the config line by line.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Bob Greer · ‎11-29-2018

Thanks again for writing!

As you can see from the naming, it's all temporary deploys until permanent configurations. The exclude statement is a kluge. It's an attempt to manually prevent IP dups while still leaving the VSI on the router visible.

I saw that about sw03: no vlans in config. I added them, ran show config, and they don't appear. They DO appear in show vlan and in fact you can see port assignments:
swmx003_TEMP# show vlan

VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/5, Fa0/9, Fa0/10, Fa0/11
Fa0/12, Fa0/13, Fa0/14, Fa0/16
Fa0/22, Gi0/2
111 management active
130 server active
132 RC-Cards active
133 VoiceGateway-1 active
134 printer active
136 Facility-Management active
137 time-logging active
138 Security_Cameras active
140 Production active
144 officepc active
161 VLAN0161 active
168 ProductionServer active Fa0/1, Fa0/4, Fa0/6, Fa0/7
Fa0/8, Fa0/18, Fa0/19, Fa0/24
169 ZebraPr ProdAux active Fa0/2, Fa0/15, Fa0/17, Fa0/20
Fa0/21, Fa0/23
236 guest_WiFi active
238 Wlan-ap-capwap active
244 officepc-wifi active
249 Backup-remote-NDMP active
250 VMWare-FT-VMotion active
251 VMWare-ISCSI active

Georg Pauwen · ‎11-29-2018

Hello,

on a side note, on your sw03, the system mtu routing is set to 1504. This is usually configured for QinQ. Try and change it to 1500:

system mtu routing 1500

Also, your sw04 is in VTP Transparent mode. Set both switches to 'vtp mode server' (sw03 probably already is, since 'server' is the default)...