Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2423
Views
0
Helpful
5
Replies

DHCPSNOOP(hlfm_set_if_input)

Joris Deprouw
Level 1
Level 1

‎10-23-2013 06:34 AM - edited ‎03-07-2019 04:11 PM

Hi All,

We have upgraded our 3750 switches from IOS 122-53.SE2 to 122-55.SE8.

Since this update users from several vlans (not all) have issues renewing their ip address.

For all vlans DHCP-snooping is activated.

no ip dhcp snooping information option allow-untrusted

no ip dhcp snooping information option

no ip dhcp snooping database

ip dhcp snooping database write-delay 300

ip dhcp snooping database timeout 300

ip dhcp snooping verify mac-address

ip dhcp snooping verify no-relay-agent-address

ip dhcp snooping

000844: Oct 21 12:08:08.948: DHCPSNOOP(hlfm_set_if_input): Clearing if_input for pak.  Was Fa1/0/4

000845: Oct 21 12:08:08.956: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Po1 for pak.  Was not set

000846: Oct 21 12:08:08.956: DHCPSNOOP(hlfm_set_if_input): Clearing if_input for pak.  Was Po1

000847: Oct 21 12:08:09.543: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Fa1/0/12 for pak.  Was not set

000848: Oct 21 12:08:09.543: DHCPSNOOP(hlfm_set_if_input): Clearing if_input for pak.  Was Fa1/0/12

 

When we disabled the ip dhcp snooping for the affected vlan, everything works fine.

Cisco tac has already proposed to add command "no ip dhcp relay information check"  related to Option 82 of DHCP.

However after applying this command and reactication ip DHCP snooping. We still have the same issue.

We can see these alerts in the logs:

000844: Oct 21 12:08:08.948: DHCPSNOOP(hlfm_set_if_input): Clearing if_input for pak.  Was Fa1/0/4
000845: Oct 21 12:08:08.956: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Po1 for pak.  Was not set
000846: Oct 21 12:08:08.956: DHCPSNOOP(hlfm_set_if_input): Clearing if_input for pak.  Was Po1
000847: Oct 21 12:08:09.543: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Fa1/0/12 for pak.  Was not set
000848: Oct 21 12:08:09.543: DHCPSNOOP(hlfm_set_if_input): Clearing if_input for pak.  Was Fa1/0/1

Did someone see this issue before?

Thanks,

Joris

Labels:
0 Helpful
5 Replies 5

Sandeep Choudhary
VIP Alumni
VIP Alumni

‎10-23-2013 07:00 AM

Hi joris,

I don't know abt ur topology but still can help little bit.

If on clients already in the binding state then you can do ipconfig/release then ipconfig/renew and see wt happens.

It's all about the path that ur DHCP traffic takes to get to ur access layer switches. All upstream trunk port to the dhcp server need to be trusted(ip dhcp snooping trust)

https://cciereview.wordpress.com/tag/dhcp /

http://blog.ine.com/2009/07/22/understanding-dhcp-option-82/

Check it out these post or put ur topology here.


Sent from Cisco Technical Support iPhone App

0 Helpful

Joris Deprouw
Level 1
Level 1
In response to Sandeep Choudhary

‎10-23-2013 07:19 AM

Hi,

We see the issue at different sites +20.

Our setup is fairly simple. We have a router on a stick setup. So the switch is pure L2, with a trunk to the router, which has subinterfaces for each vlan. Some sites with 1 router and 1 switch/stack, some with 1 router and multiple switches/stacks.

The uplink ports to the trunk are configured with ip dhcp snooping trust.

Some vlans on that same trunk, managed by the same router don't have an issue. With the old IOS we didn't have any issue. So I doubt that the config is the problem. Maybe new features in the new IOS could cause this problem.

Thanks for you help,

Best Regards,

Joris

0 Helpful

Joris Deprouw
Level 1
Level 1
In response to Sandeep Choudhary

‎10-23-2013 07:27 AM

Hi,

I have read the first post

https://cciereview.wordpress.com/tag/dhcp

The solution there is to configure the affected ports with command "ip dhcp snoop trust". I ask myself, what's the point of Ip dhcp snooping when you trust every port on the switch.

On the second post

http://blog.ine.com/2009/07/22/understanding-dhcp-option-82/

It seems to me the command "no ip dhcp relay information check" is activated on the router.

We only applied it on the L2 switches. Could that be the issue?

Joris

0 Helpful

Joris Deprouw
Level 1
Level 1
In response to Joris Deprouw

‎02-20-2014 01:07 AM

Hi All,

It was a bug in the IOS version.

The problems that we had, was caused by CSCuj03351 bug that was found first on for IOS 12.2(55)SE8 and is in fact a duplicate of CSCui65252

Best Regards,

Joris

0 Helpful

Sandeep Choudhary
VIP Alumni
VIP Alumni
In response to Joris Deprouw

‎02-20-2014 01:20 AM

Glad that finally you track down the issue.

Regards
Dont forget to rate helpful posts



Sent from Cisco Technical Support iPhone App

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card