03-01-2015 07:35 AM - edited 03-07-2019 10:53 PM
I'm trying to get DHCP snooping to work correctly. The network clients are able to receive addresses from the DHCP server (2811 Router) with no problem , but the DHCP snooping database bindings are not being entered in 2960 Cisco switch. I need them to be entered to be able to utilize DAI.
Below is the output from the router.
R1#sh ip dhcp binding
Bindings from all pools not associated with VRF:
IP address Client-ID/ Lease expiration Type
Hardware address/
User name
10.11.16.51 0100.0ffe.e1ce.40 Mar 08 2015 01:13 PM Automatic
10.11.16.52 0100.0ffe.e1cd.9c Mar 08 2015 02:06 PM Automatic
10.11.16.53 0178.acc0.9d60.7c Mar 08 2015 02:06 PM Automatic
10.11.16.82 01a0.481c.add0.5a Mar 08 2015 02:05 PM Automatic
Below are the outputs from the switch:
SW#sh ip dhcp snooping binding
MacAddress IpAddress Lease(sec) Type VLAN Interface
------------------ --------------- ---------- ------------- ---- --------------------
Total number of bindings: 0
SW#sh ip dhcp snooping
Switch DHCP snooping is disabled
DHCP snooping is configured on following VLANs:
none
DHCP snooping is operational on following VLANs:
none
DHCP snooping is configured on the following L3 Interfaces:
Insertion of option 82 is enabled
circuit-id default format: vlan-mod-port
remote-id: 04da.d2cd.1080 (MAC)
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
Verification of giaddr field is enabled
DHCP snooping trust/rate is configured on the following Interfaces:
Interface Trusted Allow option Rate limit (pps)
----------------------- ------- ------------ ----------------
SW#sh ip dhcp snooping binding
MacAddress IpAddress Lease(sec) Type VLAN Interface
------------------ --------------- ---------- ------------- ---- --------------------
Total number of bindings: 0
03-01-2015 09:20 AM
Hi,
You need to configure ip dhcp snooping at your Cat2960 switch (it is disabled by default). Please see the Configuration Guide pertinent to your software version, e.g. as beneath:
You would configure at least "ip dhcp snooping" and "ip dhcp snooping vlan" globally, then "ip dhcp snooping trust" under the interface leading to your router and possibly "ip dhcp snooping database" to store your binding database. Further commands are avalable to tune whatever you like.
Best regards,
Antonin
03-01-2015 04:06 PM
Hi Antonin,
Very good answer!
In addition, if the DHCP server is running on a Cisco router then the interface or subinterface of the router in the VLAN where the DHCP clients are located must be configured with the ip dhcp relay information trusted command, otherwise, the DHCP server on the router will drop all messages that went through the DHCP Snooping inspection on the switch. The reason is that a DHCP Snooping-enabled switch will add its own Option-82 record into all client messages passing through it, identifying itself, the VLAN and the precise port where the clients is connected to make sure the response can be passed back only to that client even if it was sent to a broadcast MAC by the server. However, in the forwarded DHCP client messages, the switch does not fill in the IP address of the DHCP Relay Agent that is usually the one responsible for adding this Option-82, and so the address remains at 0.0.0.0. Cisco DHCP server implementation in IOS checks whether a DHCP client message carrying an Option-82 also has a non-zero Relay Agent address set, and if it doesn't, it drops the message. This check can be deactivated by the ip dhcp relay information trusted per-interface command as mentioned above, or its global counterpart ip dhcp relay information trust-all.
Some sources suggest that the insertion of Option-82 is deactivated on the DHCP Snooping-enabled switch. Unless that is absolutely necessary, though, I strongly discourage such practice.
Best regards,
Peter
03-02-2015 02:05 AM
Hi Peter,
Thanks for your comment. This is a valid point. Option-82 is indeed subject to common discussions and it certainly has to be taken into consideration.
Best regards,
Antonin
03-02-2015 01:54 AM
Hi Anotin,
DHCP Snooping has been enabled already on Cisco 2960 switch globally along with the specific Vlans. I don't see the binding populating any entries in it after enabling DHCP snooping.
SW#sh ip dhcp snooping binding
MacAddress IpAddress Lease(sec) Type VLAN Interface
------------------ --------------- ---------- ------------- ---- --------------------
Total number of bindings: 0
SW#sh ip dhcp snooping
Switch DHCP snooping is disabled
DHCP snooping is configured on following VLANs:
none
DHCP snooping is operational on following VLANs:
none
DHCP snooping is configured on the following L3 Interfaces:
Insertion of option 82 is enabled
circuit-id default format: vlan-mod-port
remote-id: 04da.d2cd.1080 (MAC)
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
Verification of giaddr field is enabled
DHCP snooping trust/rate is configured on the following Interfaces:
Interface Trusted Allow option Rate limit (pps)
----------------------- ------- ------------ ----------------
03-02-2015 02:49 AM
Hi,
Thanks for the feedback. Your output however still reads:
Switch DHCP snooping is disabled
Just to double check: in addition to "ip dhcp snooping vlan" also "ip dhcp snooping" command should be configured to enable switch dhcp snooping. If so can you please post your switch configuration (with the sensitive information deleted) and also provide the "sh ver" output if possible.
Thanks & Regards,
Antonin
03-02-2015 03:07 AM
Hi Antonin,
Sorry for the wrong output. Below is the correct output:
SW#sh ip dhcp snooping
Switch DHCP snooping is enabled
DHCP snooping is configured on following VLANs:
1-2,211
DHCP snooping is operational on following VLANs:
1-2,211
DHCP snooping is configured on the following L3 Interfaces:
Insertion of option 82 is enabled
circuit-id default format: vlan-mod-port
remote-id: 04da.d2cd.1080 (MAC)
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
Verification of giaddr field is enabled
DHCP snooping trust/rate is configured on the following Interfaces:
Interface Trusted Allow option Rate limit (pps)
----------------------- ------- ------------ ----------------
GigabitEthernet1/0/48 yes yes unlimited
Custom circuit-ids:
SW#sh ver
Cisco IOS Software, C2960S Software (C2960S-UNIVERSALK9-M), Version 12.2(55)SE5, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Thu 09-Feb-12 19:22 by prod_rel_team
Image text-base: 0x00003000, data-base: 0x01B00000
ROM: Bootstrap program is Alpha board boot loader
BOOTLDR: C2960S Boot Loader (C2960S-HBOOT-M) Version 12.2(55r)SE, RELEASE SOFTWARE (fc1)
SW uptime is 8 weeks, 6 days, 3 hours, 13 minutes
System returned to ROM by power-on
System restarted at 10:52:44 Riyadh Tue Dec 30 2014
System image file is "flash:/c2960s-universalk9-mz.122-55.SE5/c2960s-universalk9-mz.122-55.SE5.bin"
03-02-2015 06:10 AM
Hi,
Thanks for the update. It looks much better now.
Please confirm that all DHCP packets are processed correctly and clients receive ip addresses as expected.
I assume that your clients are directly connected to Cat2960s and they belong to vlan 1.
Can you please post the "show ip dhcp snooping database" and "sh ip dhcp snooping statistics detail" commands outputs.
Thanks & Regards,
Antonin
03-02-2015 06:23 AM
Hi Antonin,
SW#sh ip dhcp snooping database
Agent URL :
Write delay Timer : 300 seconds
Abort Timer : 300 seconds
Agent Running : No
Delay Timer Expiry : Not Running
Abort Timer Expiry : Not Running
Last Succeded Time : None
Last Failed Time : None
Last Failed Reason : No failure recorded.
Total Attempts : 0 Startup Failures : 0
Successful Transfers : 0 Failed Transfers : 0
Successful Reads : 0 Failed Reads : 0
Successful Writes : 0 Failed Writes : 0
Media Failures : 0
KHZhqbSW#sh ip dhcp snooping statistics detail
Packets Processed by DHCP Snooping = 38134
Packets Dropped Because
IDB not known = 0
Queue full = 0
Interface is in errdisabled = 0
Rate limit exceeded = 0
Received on untrusted ports = 0
Nonzero giaddr = 0
Source mac not equal to chaddr = 0
No binding entry = 0
Insertion of opt82 fail = 0
Unknown packet = 0
Interface Down = 0
Unknown output interface = 0
Misdirected Packets = 0
Packets with Invalid Size = 0
Packets with Invalid Option = 0
Yes, my hosts are connected to 2960 through Vlan1. Router is the DHCP server connected to 2960, the interface connecting switch to router is trunk and has been marked as trusted interface. Strange thing is that, even if I remove DHCP configuration completely from router, the hosts are receiving ip addresses and there is no entry in DHCP binding table of the router.
03-02-2015 11:29 AM
Here are some debugs from switch and router for your reference:
SW#
Mar 2 14:03:11.747: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi1/0/39 for pak. Was not set
Mar 2 14:03:11.747: DHCPSNOOP(hlfm_set_if_input): Clearing if_input for pak. Was Gi1/0/39
Mar 2 14:03:11.747: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi1/0/39 for pak. Was not set
Mar 2 14:03:11.747: DHCP_SNOOPING: received new DHCP packet from input interface (GigabitEthernet1/0/39)
Mar 2 14:03:11.747: DHCP_SNOOPING: process new DHCP packet, message type: DHCPREQUEST, input interface: Gi1/0/39, MAC da: ffff.ffff.ffff, MAC sa: 2401.c73d.04f9, IP da: 255.255.255.255, IP sa: 10.211.16.56, DHCP ciaddr: 10.211.16.56, DHCP yiaddr: 0.0.0.0, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr: 2401.c73d.04f9
Mar 2 14:03:11.747: DHCP_SNOOPING: add relay information option.
Mar 2 14:03:11.747: DHCP_SNOOPING_SW: Encoding opt82 CID in vlan-mod-port format
Mar 2 14:03:11.747: DHCP_SNOOPING_SW: Encoding opt82 RID in MAC address format
Mar 2 14:03:11.747: DHCP_SNOOPING: binary dump of relay info option, length: 20 data:
0x52 0x12 0x1 0x6 0x0 0x4 0x0 0xD3 0x1 0x27 0x2 0x8 0x0 0x6 0x4 0xDA 0xD2 0xCD 0x10 0x80
Mar 2 14:03:11.747: DHCP_SNOOPING_SW: bridge packet get invalid mat entry: FFFF.FFFF.FFFF, packet is flooded to ingress VLAN: (211)
Mar 2 14:03:17.456: DHCP_SNOOPING: checking expired snoop binding entries
Mar 2 14:03:19.742: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi1/0/39 for pak. Was not set
Mar 2 14:03:19.742: DHCPSNOOP(hlfm_set_if_input): Clearing if_input for pak. Was Gi1/0/39
Mar 2 14:03:19.742: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi1/0/39 for pak. Was not set
Mar 2 14:03:19.742: DHCP_SNOOPING: received new DHCP packet from input interface (GigabitEthernet1/0/39)
Mar 2 14:03:19.748: DHCP_SNOOPING: process new DHCP packet, message type: DHCPREQUEST, input interface: Gi1/0/39, MAC da: ffff.ffff.ffff, MAC sa: 2401.c73d.04f9, IP da: 255.255.255.255, IP sa: 10.211.16.56, DHCP ciaddr: 10.211.16.56, DHCP yiaddr: 0.0.0.0, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr: 2401.c73d.04f9
Mar 2 14:03:19.748: DHCP_SNOOPING: add relay information option.
Mar 2 14:03:19.748: DHCP_SNOOPING_SW: Encoding opt82 CID in vlan-mod-port format
Mar 2 14:03:19.748: DHCP_SNOOPING_SW: Encoding opt82 RID in MAC address format
Mar 2 14:03:19.748: DHCP_SNOOPING: binary dump of relay info option, length: 20 data:
0x52 0x12 0x1 0x6 0x0 0x4 0x0 0xD3 0x1 0x27 0x2 0x8 0x0 0x6 0x4 0xDA 0xD2 0xCD 0x10 0x80
Mar 2 14:03:19.748: DHCP_SNOOPING_SW: bridge packet get invalid mat entry: FFFF.FFFF.FFFF, packet is flooded to ingress VLAN: (211)
Mar 2 14:03:20.497: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi1/0/27 for pak. Was not set
Mar 2 14:03:20.497: DHCPSNOOP(hlfm_set_if_input): Clearing if_input for pak. Was Gi1/0/27
Mar 2 14:03:20.497: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi1/0/27 for pak. Was not set
Mar 2 14:03:20.497: DHCP_SNOOPING: received new DHCP packet from input interface (GigabitEthernet1/0/27)
Mar 2 14:03:20.497: DHCP_SNOOPING: process new DHCP packet, message type: DHCPREQUEST, input interface: Gi1/0/27, MAC da: ffff.ffff.ffff, MAC sa: 8478.acc6.a4e1, IP da: 255.255.255.255, IP sa: 10.211.16.65, DHCP ciaddr: 10.211.16.65, DHCP yiaddr: 0.0.0.0, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr: 8478.acc6.a4e1
Mar 2 14:03:20.503: DHCP_SNOOPING: add relay information option.
Mar 2 14:03:20.503: DHCP_SNOOPING_SW: Encoding opt82 CID in vlan-mod-port format
Mar 2 14:03:20.503: DHCP_SNOOPING_SW: Encoding opt82 RID in MAC address format
Mar 2 14:03:20.503: DHCP_SNOOPING: binary dump of relay info option, length: 20 data:
0x52 0x12 0x1 0x6 0x0 0x4 0x0 0xD3 0x1 0x1B 0x2 0x8 0x0 0x6 0x4 0xDA 0xD2 0xCD 0x10 0x80
Mar 2 14:03:20.503: DHCP_SNOOPING_SW: bridge packet get invalid mat entry: FFFF.FFFF.FFFF, packet is flooded to ingress VLAN: (211)
Mar 2 14:03:21.667: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi1/0/1 for pak. Was not set
Mar 2 14:03:21.667: DHCPSNOOP(hlfm_set_if_input): Clearing if_input for pak. Was Gi1/0/1
Mar 2 14:03:21.667: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi1/0/1 for pak. Was not set
Mar 2 14:03:21.667: DHCP_SNOOPING: received new DHCP packet from input interface (GigabitEthernet1/0/1)
Mar 2 14:03:21.667: DHCP_SNOOPING: process new DHCP packet, message type: DHCPREQUEST, input interface: Gi1/0/1, MAC da: 7cad.7488.7873, MAC sa: 8478.acc6.b2c4, IP da: 10.211.16.1, IP sa: 10.211.16.203, DHCP ciaddr: 10.211.16.203, DHCP yiaddr: 0.0.0.0, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr: 8478.acc6.b2c4
Mar 2 14:03:21.667: DHCP_SNOOPING: add relay information option.
Mar 2 14:03:21.667: DHCP_SNOOPING_SW: Encoding opt82 CID in vlan-mod-port format
Mar 2 14:03:21.667: DHCP_SNOOPING_SW: Encoding opt82 RID in MAC address format
Mar 2 14:03:21.667: DHCP_SNOOPING: binary dump of relay info option, length: 20 data:
0x52 0x12 0x1 0x6 0x0 0x4 0x0 0xD3 0x1 0x1 0x2 0x8 0x0 0x6 0x4 0xDA 0xD2 0xCD 0x10 0x80
Mar 2 14:03:21.672: DHCP_SNOOPING_SW: bridge packet send packet to port: GigabitEthernet1/0/48, vlan 211.
Mar 2 14:03:21.771: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/2, changed state to down
Mar 2 14:03:22.778: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/2, changed state to down
Mar 2 14:03:24.498: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi1/0/27 for pak. Was not set
Mar 2 14:03:24.498: DHCPSNOOP(hlfm_set_if_input): Clearing if_input for pak. Was Gi1/0/27
Mar 2 14:03:24.498: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi1/0/27 for pak. Was not set
Mar 2 14:03:24.498: DHCP_SNOOPING: received new DHCP packet from input interface (GigabitEthernet1/0/27)
Mar 2 14:03:24.498: DHCP_SNOOPING: process new DHCP packet, message type: DHCPREQUEST, input interface: Gi1/0/27, MAC da: ffff.ffff.ffff, MAC sa: 8478.acc6.a4e1, IP da: 255.255.255.255, IP sa: 10.211.16.65, DHCP ciaddr: 10.211.16.65, DHCP yiaddr: 0.0.0.0, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr: 8478.acc6.a4e1
Mar 2 14:03:24.498: DHCP_SNOOPING: add relay information option.
Mar 2 14:03:24.498: DHCP_SNOOPING_SW: Encoding opt82 CID in vlan-mod-port format
Mar 2 14:03:24.503: DHCP_SNOOPING_SW: Encoding opt82 RID in MAC address format
Mar 2 14:03:24.503: DHCP_SNOOPING: binary dump of relay info option, length: 20 data:
0x52 0x12 0x1 0x6 0x0 0x4 0x0 0xD3 0x1 0x1B 0x2 0x8 0x0 0x6 0x4 0xDA 0xD2 0xCD 0x10 0x80
Mar 2 14:03:24.503: DHCP_SNOOPING_SW: bridge packet get invalid mat entry: FFFF.FFFF.FFFF, packet is flooded to ingress VLAN: (211)
Mar 2 14:03:24.624: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi1/0/8 for pak. Was not set
Mar 2 14:03:24.624: DHCPSNOOP(hlfm_set_if_input): Clearing if_input for pak. Was Gi1/0/8
Mar 2 14:03:24.624: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi1/0/8 for pak. Was not set
Mar 2 14:03:24.624: DHCP_SNOOPING: received new DHCP packet from input interface (GigabitEthernet1/0/8)
Mar 2 14:03:24.624: DHCP_SNOOPING: process new DHCP packet, message type: DHCPREQUEST, input interface: Gi1/0/8, MAC da: 7cad.7488.7873, MAC sa: 8478.acc6.a568, IP da: 10.211.16.1, IP sa: 10.211.16.204, DHCP ciaddr: 10.211.16.204, DHCP yiaddr: 0.0.0.0, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr: 8478.acc6.a568
Mar 2 14:03:24.624: DHCP_SNOOPING: add relay information option.
Mar 2 14:03:24.624: DHCP_SNOOPING_SW: Encoding opt82 CID in vlan-mod-port format
Mar 2 14:03:24.624: DHCP_SNOOPING_SW: Encoding opt82 RID in MAC address format
Mar 2 14:03:24.624: DHCP_SNOOPING: binary dump of relay info option, length: 20 data:
0x52 0x12 0x1 0x6 0x0 0x4 0x0 0xD3 0x1 0x8 0x2 0x8 0x0 0x6 0x4 0xDA 0xD2 0xCD 0x10 0x80
Mar 2 14:03:24.624: DHCP_SNOOPING_SW: bridge packet send packet to port: GigabitEthernet1/0/48, vlan 211.
Mar 2 14:03:25.468: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/2, changed state to up
Mar 2 14:03:25.667: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi1/0/1 for pak. Was not set
Mar 2 14:03:25.667: DHCPSNOOP(hlfm_set_if_input): Clearing if_input for pak. Was Gi1/0/1
Mar 2 14:03:25.667: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi1/0/1 for pak. Was not set
Mar 2 14:03:25.667: DHCP_SNOOPING: received new DHCP packet from input interface (GigabitEthernet1/0/1)
Mar 2 14:03:25.667: DHCP_SNOOPING: process new DHCP packet, message type: DHCPREQUEST, input interface: Gi1/0/1, MAC da: 7cad.7488.7873, MAC sa: 8478.acc6.b2c4, IP da: 10.211.16.1, IP sa: 10.211.16.203, DHCP ciaddr: 10.211.16.203, DHCP yiaddr: 0.0.0.0, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr: 8478.acc6.b2c4
R1#
Mar 2 14:06:18.201: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:06:18.201: DHCPD: htype 1 chaddr 8478.acc6.a6fe
Mar 2 14:06:18.201: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:06:18.201: DHCPD: circuit id 00000000
Mar 2 14:06:19.561: DHCPD: Sending notification of DISCOVER:
Mar 2 14:06:19.561: DHCPD: htype 1 chaddr 000f.fee1.ccfa
Mar 2 14:06:19.561: DHCPD: remote id 020a00000a0b100100000001
Mar 2 14:06:19.561: DHCPD: circuit id 00000000
Mar 2 14:06:19.561: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:06:19.561: DHCPD: htype 1 chaddr 000f.fee1.ccfa
Mar 2 14:06:19.561: DHCPD: remote id 020a00000a0b100100000001
Mar 2 14:06:19.561: DHCPD: circuit id 00000000
Mar 2 14:06:19.561: DHCPD: client requests 10.11.16.96.
Mar 2 14:06:19.561: DHCPD: Allocated binding 242DC0D8
Mar 2 14:06:19.561: DHCPD: Adding binding to radix tree (10.11.16.96)
Mar 2 14:06:19.561: DHCPD: Adding binding to hash tree
Mar 2 14:06:19.561: DHCPD: assigned IP address 10.11.16.96 to client 0100.0ffe.e1cc.fa.
Mar 2 14:06:20.673: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:06:20.673: DHCPD: htype 1 chaddr 1ce6.c79b.895d
Mar 2 14:06:20.673: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:06:20.673: DHCPD: circuit id 00000000
Mar 2 14:06:21.561: DHCPD: Sending notification of DISCOVER:
Mar 2 14:06:21.561: DHCPD: htype 1 chaddr 000f.fee1.ccfa
Mar 2 14:06:21.561: DHCPD: remote id 020a00000a0b100100000001
Mar 2 14:06:21.561: DHCPD: circuit id 00000000
Mar 2 14:06:21.561: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:06:21.561: DHCPD: htype 1 chaddr 000f.fee1.ccfa
Mar 2 14:06:21.561: DHCPD: remote id 020a00000a0b100100000001
Mar 2 14:06:21.561: DHCPD: circuit id 00000000
Mar 2 14:06:21.561: DHCPD: Sending notification of ASSIGNMENT:
Mar 2 14:06:21.561: DHCPD: address 10.11.16.96 mask 255.255.255.0
Mar 2 14:06:21.561: DHCPD: htype 1 chaddr 000f.fee1.ccfa
Mar 2 14:06:21.561: DHCPD: lease time remaining (secs) = 604800
Mar 2 14:06:22.577: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:06:22.577: DHCPD: htype 1 chaddr 8478.acc6.afe6
Mar 2 14:06:22.577: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:06:22.577: DHCPD: circuit id 00000000
Mar 2 14:06:24.497: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:06:24.497: DHCPD: htype 1 chaddr 8478.acc6.a4e1
Mar 2 14:06:24.497: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:06:24.497: DHCPD: circuit id 00000000
Mar 2 14:06:25.665: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:06:25.665: DHCPD: htype 1 chaddr 8478.acc6.b2c4
Mar 2 14:06:25.665: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:06:25.665: DHCPD: circuit id 00000000
Mar 2 14:06:26.205: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:06:26.205: DHCPD: htype 1 chaddr 8478.acc6.afe3
Mar 2 14:06:26.205: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:06:26.205: DHCPD: circuit id 00000000
Mar 2 14:06:28.277: DHCPD: Sending notification of DISCOVER:
Mar 2 14:06:28.277: DHCPD: htype 1 chaddr 000f.fee1.d078
Mar 2 14:06:28.277: DHCPD: remote id 020a00000a0b100100000001
Mar 2 14:06:28.277: DHCPD: circuit id 00000000
Mar 2 14:06:28.277: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:06:28.277: DHCPD: htype 1 chaddr 000f.fee1.d078
Mar 2 14:06:28.277: DHCPD: remote id 020a00000a0b100100000001
Mar 2 14:06:28.277: DHCPD: circuit id 00000000
Mar 2 14:06:28.277: DHCPD: client requests 10.11.16.76.
Mar 2 14:06:28.277: DHCPD: Allocated binding 21EDD350
Mar 2 14:06:28.277: DHCPD: Adding binding to radix tree (10.11.16.76)
Mar 2 14:06:28.277: DHCPD: Adding binding to hash tree
Mar 2 14:06:28.277: DHCPD: assigned IP address 10.11.16.76 to client 0100.0ffe.e1d0.78.
Mar 2 14:06:28.621: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:06:28.621: DHCPD: htype 1 chaddr 8478.acc6.a568
Mar 2 14:06:28.621: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:06:28.621: DHCPD: circuit id 00000000
Mar 2 14:06:30.277: DHCPD: Sending notification of DISCOVER:
Mar 2 14:06:30.277: DHCPD: htype 1 chaddr 000f.fee1.d078
Mar 2 14:06:30.277: DHCPD: remote id 020a00000a0b100100000001
Mar 2 14:06:30.277: DHCPD: circuit id 00000000
Mar 2 14:06:30.277: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:06:30.277: DHCPD: htype 1 chaddr 000f.fee1.d078
Mar 2 14:06:30.277: DHCPD: remote id 020a00000a0b100100000001
Mar 2 14:06:30.277: DHCPD: circuit id 00000000
Mar 2 14:06:30.277: DHCPD: Sending notification of ASSIGNMENT:
Mar 2 14:06:30.277: DHCPD: address 10.11.16.76 mask 255.255.255.0
Mar 2 14:06:30.277: DHCPD: htype 1 chaddr 000f.fee1.d078
Mar 2 14:06:30.277: DHCPD: lease time remaining (secs) = 604800
Mar 2 14:06:34.105: DHCPD: Sending notification of DISCOVER:
Mar 2 14:06:34.105: DHCPD: htype 1 chaddr a048.1ca2.0cf6
Mar 2 14:06:34.105: DHCPD: remote id 020a00000a0b100100000001
Mar 2 14:06:34.105: DHCPD: circuit id 00000000
Mar 2 14:06:34.105: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:06:34.105: DHCPD: htype 1 chaddr a048.1ca2.0cf6
Mar 2 14:06:34.105: DHCPD: remote id 020a00000a0b100100000001
Mar 2 14:06:34.105: DHCPD: circuit id 00000000
Mar 2 14:06:34.105: DHCPD: client requests 10.11.16.81.
Mar 2 14:06:34.105: DHCPD: Allocated binding 3E476294
Mar 2 14:06:34.105: DHCPD: Adding binding to radix tree (10.11.16.81)
Mar 2 14:06:34.105: DHCPD: Adding binding to hash tree
Mar 2 14:06:34.105: DHCPD: assigned IP address 10.11.16.81 to client 01a0.481c.a20c.f6.
Mar 2 14:06:34.201: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:06:34.201: DHCPD: htype 1 chaddr 8478.acc6.a6fe
Mar 2 14:06:34.201: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:06:34.201: DHCPD: circuit id 00000000
Mar 2 14:06:36.105: DHCPD: Sending notification of DISCOVER:
Mar 2 14:06:36.105: DHCPD: htype 1 chaddr a048.1ca2.0cf6
Mar 2 14:06:36.105: DHCPD: remote id 020a00000a0b100100000001
Mar 2 14:06:36.105: DHCPD: circuit id 00000000
Mar 2 14:06:36.105: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:06:36.105: DHCPD: htype 1 chaddr a048.1ca2.0cf6
Mar 2 14:06:36.105: DHCPD: remote id 020a00000a0b100100000001
Mar 2 14:06:36.105: DHCPD: circuit id 00000000
Mar 2 14:06:36.105: DHCPD: Sending notification of ASSIGNMENT:
Mar 2 14:06:36.105: DHCPD: address 10.11.16.81 mask 255.255.255.0
Mar 2 14:06:36.105: DHCPD: htype 1 chaddr a048.1ca2.0cf6
Mar 2 14:06:36.105: DHCPD: lease time remaining (secs) = 604800
Mar 2 14:06:36.673: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:06:36.673: DHCPD: htype 1 chaddr 1ce6.c79b.895d
Mar 2 14:06:36.673: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:06:36.673: DHCPD: circuit id 00000000
Mar 2 14:06:38.841: DHCPD: checking for expired leases.
Mar 2 14:06:40.897: DHCPD: Sending notification of DISCOVER:
Mar 2 14:06:40.897: DHCPD: htype 1 chaddr a048.1cad.53ce
Mar 2 14:06:40.897: DHCPD: remote id 020a00000a0b100100000001
Mar 2 14:06:40.897: DHCPD: circuit id 00000000
Mar 2 14:06:40.897: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:06:40.897: DHCPD: htype 1 chaddr a048.1cad.53ce
Mar 2 14:06:40.897: DHCPD: remote id 020a00000a0b100100000001
Mar 2 14:06:40.897: DHCPD: circuit id 00000000
Mar 2 14:06:40.897: DHCPD: client requests 10.11.16.54.
Mar 2 14:06:40.897: DHCPD: Allocated binding 39F61E78
Mar 2 14:06:40.897: DHCPD: Adding binding to radix tree (10.11.16.54)
Mar 2 14:06:40.897: DHCPD: Adding binding to hash tree
Mar 2 14:06:40.897: DHCPD: assigned IP address 10.11.16.54 to client 01a0.481c.ad53.ce.
Mar 2 14:06:42.897: DHCPD: Sending notification of DISCOVER:
Mar 2 14:06:42.897: DHCPD: htype 1 chaddr a048.1cad.53ce
Mar 2 14:06:42.897: DHCPD: remote id 020a00000a0b100100000001
Mar 2 14:06:42.897: DHCPD: circuit id 00000000
Mar 2 14:06:42.897: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:06:42.897: DHCPD: htype 1 chaddr a048.1cad.53ce
Mar 2 14:06:42.897: DHCPD: remote id 020a00000a0b100100000001
Mar 2 14:06:42.897: DHCPD: circuit id 00000000
Mar 2 14:06:42.897: DHCPD: Sending notification of ASSIGNMENT:
Mar 2 14:06:42.897: DHCPD: address 10.11.16.54 mask 255.255.255.0
Mar 2 14:06:42.897: DHCPD: htype 1 chaddr a048.1cad.53ce
Mar 2 14:06:42.897: DHCPD: lease time remaining (secs) = 604800
Mar 2 14:06:54.577: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:06:54.577: DHCPD: htype 1 chaddr 8478.acc6.afe6
Mar 2 14:06:54.577: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:06:54.577: DHCPD: circuit id 00000000
Mar 2 14:06:58.205: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:06:58.205: DHCPD: htype 1 chaddr 8478.acc6.afe3
Mar 2 14:06:58.205: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:06:58.205: DHCPD: circuit id 00000000
Mar 2 14:07:06.201: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:07:06.201: DHCPD: htype 1 chaddr 8478.acc6.a6fe
Mar 2 14:07:06.201: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:07:06.201: DHCPD: circuit id 00000000
Mar 2 14:07:08.689: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:07:08.689: DHCPD: htype 1 chaddr 1ce6.c79b.895d
Mar 2 14:07:08.689: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:07:08.689: DHCPD: circuit id 00000000
Mar 2 14:07:15.741: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:07:15.741: DHCPD: htype 1 chaddr 2401.c73d.04f9
Mar 2 14:07:15.741: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:07:15.741: DHCPD: circuit id 00000000
Mar 2 14:07:19.741: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:07:19.741: DHCPD: htype 1 chaddr 2401.c73d.04f9
Mar 2 14:07:19.741: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:07:19.741: DHCPD: circuit id 00000000
Mar 2 14:07:27.741: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:07:27.741: DHCPD: htype 1 chaddr 2401.c73d.04f9
Mar 2 14:07:27.741: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:07:27.741: DHCPD: circuit id 00000000
Mar 2 14:07:28.497: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:07:28.497: DHCPD: htype 1 chaddr 8478.acc6.a4e1
Mar 2 14:07:28.497: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:07:28.497: DHCPD: circuit id 00000000
Mar 2 14:07:29.665: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:07:29.665: DHCPD: htype 1 chaddr 8478.acc6.b2c4
Mar 2 14:07:29.665: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:07:29.665: DHCPD: circuit id 00000000
Mar 2 14:07:32.497: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:07:32.497: DHCPD: htype 1 chaddr 8478.acc6.a4e1
Mar 2 14:07:32.497: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:07:32.497: DHCPD: circuit id 00000000
Mar 2 14:07:32.621: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:07:32.621: DHCPD: htype 1 chaddr 8478.acc6.a568
Mar 2 14:07:32.621: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:07:32.621: DHCPD: circuit id 00000000
Mar 2 14:07:33.665: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:07:33.665: DHCPD: htype 1 chaddr 8478.acc6.b2c4
Mar 2 14:07:33.665: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:07:33.665: DHCPD: circuit id 00000000
Mar 2 14:07:36.621: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:07:36.621: DHCPD: htype 1 chaddr 8478.acc6.a568
Mar 2 14:07:36.621: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:07:36.621: DHCPD: circuit id 00000000
Mar 2 14:07:40.497: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:07:40.497: DHCPD: htype 1 chaddr 8478.acc6.a4e1
Mar 2 14:07:40.497: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:07:40.497: DHCPD: circuit id 00000000
Mar 2 14:07:41.665: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:07:41.665: DHCPD: htype 1 chaddr 8478.acc6.b2c4
Mar 2 14:07:41.665: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:07:41.665: DHCPD: circuit id 00000000
Mar 2 14:07:43.741: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:07:43.741: DHCPD: htype 1 chaddr 2401.c73d.04f9
Mar 2 14:07:43.741: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:07:43.741: DHCPD: circuit id 00000000
Mar 2 14:07:44.621: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:07:44.621: DHCPD: htype 1 chaddr 8478.acc6.a568
Mar 2 14:07:44.621: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:07:44.621: DHCPD: circuit id 00000000
Mar 2 14:07:56.497: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:07:56.497: DHCPD: htype 1 chaddr 8478.acc6.a4e1
Mar 2 14:07:56.497: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:07:56.497: DHCPD: circuit id 00000000
Mar 2 14:07:57.665: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:07:57.665: DHCPD: htype 1 chaddr 8478.acc6.b2c4
Mar 2 14:07:57.665: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:07:57.665: DHCPD: circuit id 00000000
Mar 2 14:07:58.577: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:07:58.577: DHCPD: htype 1 chaddr 8478.acc6.afe6
Mar 2 14:07:58.577: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:07:58.577: DHCPD: circuit id 00000000
Mar 2 14:08:00.621: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:08:00.621: DHCPD: htype 1 chaddr 8478.acc6.a568
Mar 2 14:08:00.621: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:08:00.621: DHCPD: circuit id 00000000
Mar 2 14:08:02.201: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:08:02.201: DHCPD: htype 1 chaddr 8478.acc6.afe3
Mar 2 14:08:02.201: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:08:02.201: DHCPD: circuit id 00000000
Mar 2 14:08:02.577: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:08:02.577: DHCPD: htype 1 chaddr 8478.acc6.afe6
Mar 2 14:08:02.577: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:08:02.577: DHCPD: circuit id 00000000
Mar 2 14:08:06.201: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:08:06.201: DHCPD: htype 1 chaddr 8478.acc6.afe3
Mar 2 14:08:06.201: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:08:06.201: DHCPD: circuit id 00000000
Mar 2 14:08:10.201: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:08:10.201: DHCPD: htype 1 chaddr 8478.acc6.a6fe
Mar 2 14:08:10.201: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:08:10.201: DHCPD: circuit id 00000000
Mar 2 14:08:10.577: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:08:10.577: DHCPD: htype 1 chaddr 8478.acc6.afe6
Mar 2 14:08:10.577: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:08:10.577: DHCPD: circuit id 00000000
R1#
Mar 2 14:08:12.673: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:08:12.673: DHCPD: htype 1 chaddr 1ce6.c79b.895d
Mar 2 14:08:12.673: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:08:12.673: DHCPD: circuit id 00000000
R1#
Mar 2 14:08:14.197: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:08:14.197: DHCPD: htype 1 chaddr 8478.acc6.a6fe
Mar 2 14:08:14.201: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:08:14.201: DHCPD: circuit id 00000000
Mar 2 14:08:14.201: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:08:14.201: DHCPD: htype 1 chaddr 8478.acc6.afe3
Mar 2 14:08:14.201: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:08:14.201: DHCPD: circuit id 00000000
Mar 2 14:08:15.737: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:08:15.737: DHCPD: htype 1 chaddr 2401.c73d.04f9
Mar 2 14:08:15.737: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:08:15.737: DHCPD: circuit id 00000000
Mar 2 14:08:16.673: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:08:16.673: DHCPD: htype 1 chaddr 1ce6.c79b.895d
Mar 2 14:08:16.673: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:08:16.673: DHCPD: circuit id 00000000
Mar 2 14:08:22.197: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:08:22.197: DHCPD: htype 1 chaddr 8478.acc6.a6fe
Mar 2 14:08:22.197: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:08:22.197: DHCPD: circuit id 00000000
Mar 2 14:08:24.673: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:08:24.673: DHCPD: htype 1 chaddr 1ce6.c79b.895d
Mar 2 14:08:24.673: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:08:24.673: DHCPD: circuit id 00000000
Mar 2 14:08:26.577: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:08:26.577: DHCPD: htype 1 chaddr 8478.acc6.afe6
Mar 2 14:08:26.577: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:08:26.577: DHCPD: circuit id 00000000
Mar 2 14:08:28.493: DHCPD: Seeing if there is an internally specified pool class:
Mar 2 14:08:28.493: DHCPD: htype 1 chaddr 8478.acc6.a4e1
Mar 2 14:08:28.493: DHCPD: remote id 020a00000ad31001000000d3
Mar 2 14:08:28.493: DHCPD: circuit id 00000000
03-02-2015 11:37 AM
Hi,
Thanks for the information supplied. I am sorry to say that I feel a bit confused at the moment. From your switch debug it looks that your clients ask DHCP server via Vlan 211 not Vlan 1 as you have indicated. Your R1 router seems to assign ip addresses for Vlan 1 though. Is there any other DHCP server active? As your only trust switch interface is Gi1/0/48 the dhcp requests can be forwarded only there - can you please be more specific as what is connected to Gi1/0/48.
I am affraid I may also need at least part of the router configuration to step forward. Namely router dhcp server part and interface connecting the switch configuration if possible.
Thanks & Regards,
Antonin
03-02-2015 11:37 AM
Hi Antonin,
I edited my comment as it had my device hostname, please remove the hostname from your comment as well.
Vlan211 is the voice vlan but I mentioned only vlan1 for brevity. The lease configured for the pool assigned to Vlan1 has lease configured as "7 days". I tested DHCP by disabling a port on a switch connected to a host while clearing the DHCP entries in router simultaneously. When I enable the port again, the ip is received by the host but DHCP binding entries in the router remains zero. There are no entries in switch snooping binding table as well.
How does this happen? The host comes up, receives the ip but there are no entries in DHCP table of the router. Is it because the Router has lease configured as 7 days? Also I removed entire DHCP config from router and then disabled some ports and enabled them. They were again receiving the ip but no entries in DHCP binding table of the router.
03-02-2015 02:03 PM
Hi,
Thanks for the reply. I have edited my post as per your request.
I respect you decision not to post full configuration of both your switch and router but it is not quite easy to understand the whole picture under these conditions.
Can you please confirm that all your clients are connected via this switch only and that the trunk between the switch and router is the only connection. I also understand that the trunk in question is Gi 1/0/48 at the switch side and that there are no other dhcp servers present.
I guess that your client PCs are connected via Cisco IP phones. If so can you please post one such interface configuration. Also the trunk configuration and dhcp server configuration would be appeciated (they all use private address space after all).
As for your test:
I tested DHCP by disabling a port on a switch connected to a host while clearing the DHCP entries in router simultaneously. When I enable the port again, the ip is received by the host but DHCP binding entries in the router remains zero. There are no entries in switch snooping binding table as well.
Can you please improve your test by clearing the ip address at your client PC ("ipconfig /release" and "ipconfig /renew" if MS Windows). My concern is whether your client PC really loses IP address during your test.
Thanks & Regards,
Antonin
03-03-2015 04:51 AM
Hi Antonin,
Below are the required configs for your reference:
R1#sh run | i dhcp
no ip dhcp use vrf connected
ip dhcp excluded-address 10.11.16.1 10.11.16.50
ip dhcp excluded-address 10.11.16.126 10.11.16.254
ip dhcp excluded-address 10.211.16.1 10.211.16.50
ip dhcp pool Khazzan-voice
ip dhcp pool NAC
ip dhcp pool NAC gust user
ip dhcp pool Khazzan
no ip dhcp client request tftp-server-address
ip address dhcp
R1#sh ip int brief | i up
GigabitEthernet0/0 unassigned YES NVRAM up up
ISM0/0 10.211.16.1 YES unset up up
GigabitEthernet0/1 10.133.21.66 YES DHCP up up
ISM0/1 unassigned YES unset up up
GigabitEthernet0/0/0 unassigned YES unset up up
SM1/1 unassigned YES unset up up
Vlan1 10.11.16.1 YES NVRAM up up
Vlan2 10.111.16.1 YES NVRAM up up
Vlan211 10.211.16.1 YES NVRAM up up
SW#sh run | i dhcp
ip dhcp snooping
ip dhcp snooping vlan 1-2,211
ip dhcp snooping trust
interface GigabitEthernet1/0/45
switchport mode access
switchport voice vlan 211
switchport port-security maximum 4
switchport port-security
authentication event fail action next-method
authentication event server dead action authorize vlan 211
authentication event server dead action authorize voice
authentication event server alive action reinitialize
authentication host-mode multi-domain
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
authentication violation restrict
mab
dot1x pae authenticator
dot1x timeout tx-period 10
dot1x timeout supp-timeout 31
spanning-tree portfast
03-03-2015 01:46 PM
Hi,
Thanks for the information provided. It helps me understand the configuration bit more.
Have you tried to manually release and renew the ip address for one of your client PC as I have suggested? I think the basic question which needs to be answered first is whether your clients really can get their ip addresses assigned by dhcp server with no bindings shown at both the switch and server. This is what I understand from your post. So can you please try if possible.
On the other hand if your client PC cannot get IP address reassigned there is another quick try. I can remember various IOS bugs where the DHCP request with the broadcast address could not be forwarded via trusted interface. The workaround (if I remember correctly) was to disable DHCP snooping and re-enable it again - you can please also try.
And finally if your client PC cannot get IP address reassigned this may be Option-82 issue. Quick check is to disable the option via the "no ip dhcp snooping information option" switch command and try.
Best regards,
Antonin
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide