06-10-2018 07:16 AM - edited 03-08-2019 03:19 PM
I'm new to networking and GNS3 so please correct me if I'm wrong.
All Switches are CISCO IOSvL2 appliances
I'm trying to get DHCP requests across vlans, my DHCP resides of VLAN 2 IT whilst the client computers reside on vlan 3 Clients which are trying to request DHCP access
It seems That the DHCP Server Discover packets are reaching the DHCP-Server however the Reply that the DHCP server sends is not forwarded from the SW-IT to SW-Main
Attached is the Packets intercepted from the DHCP-server to the SW-IT then SW-Main
Configuration Dumps
For the sake of troubleshooting I'll dump all my configs here
Main Router Config Dump
MainRouter-1#sh run Building configuration... Current configuration : 953 bytes ! version 15.2 service timestamps debug datetime msec service timestamps log datetime msec ! hostname MainRouter-1 ! boot-start-marker boot-end-marker ! ! ! no aaa new-model no ip icmp rate-limit unreachable ip cef ! ! ! ! ! ! no ip domain lookup no ipv6 cef ! ! multilink bundle-name authenticated ! ! ! ! ! ! ! ! ! ip tcp synwait-time 5 ! ! ! ! ! ! ! ! ! ! ! ! interface FastEthernet0/0 no ip address duplex full ! interface FastEthernet0/0.2 encapsulation dot1Q 2 ip address 192.168.2.1 255.255.255.0 ip helper-address 192.168.2.2 ! interface FastEthernet0/0.3 encapsulation dot1Q 3 ip address 192.168.3.1 255.255.255.0 ip helper-address 192.168.2.2 ! ip forward-protocol nd ! ! no ip http server no ip http secure-server ! ! ! ! control-plane ! ! line con 0 exec-timeout 0 0 privilege level 15 logging synchronous stopbits 1 line aux 0 exec-timeout 0 0 privilege level 15 logging synchronous stopbits 1 line vty 0 4 login ! ! end
SW-Main Configuration Dump
SW-Main>en SW-Main#sh run Building configuration... Current configuration : 3693 bytes ! ! Last configuration change at 13:54:30 UTC Sun Jun 10 2018 ! version 15.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption service compress-config ! hostname SW-Main ! boot-start-marker boot-end-marker ! ! ! no aaa new-model ! ! ! ! ! ! ! ! ip cef no ipv6 cef ! ! ! spanning-tree mode pvst spanning-tree extend system-id ! vlan internal allocation policy ascending ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface GigabitEthernet0/0 switchport trunk encapsulation dot1q switchport mode trunk media-type rj45 negotiation auto ! interface GigabitEthernet0/1 switchport trunk encapsulation dot1q switchport mode trunk media-type rj45 negotiation auto ! interface GigabitEthernet0/2 switchport trunk encapsulation dot1q switchport mode trunk media-type rj45 negotiation auto ! interface GigabitEthernet0/3 media-type rj45 negotiation auto ! interface GigabitEthernet1/0 media-type rj45 negotiation auto ! interface GigabitEthernet1/1 media-type rj45 negotiation auto ! interface GigabitEthernet1/2 media-type rj45 negotiation auto ! interface GigabitEthernet1/3 media-type rj45 negotiation auto ! interface GigabitEthernet2/0 media-type rj45 negotiation auto ! interface GigabitEthernet2/1 media-type rj45 negotiation auto ! interface GigabitEthernet2/2 media-type rj45 negotiation auto ! interface GigabitEthernet2/3 media-type rj45 negotiation auto ! interface GigabitEthernet3/0 media-type rj45 negotiation auto ! interface GigabitEthernet3/1 media-type rj45 negotiation auto ! interface GigabitEthernet3/2 media-type rj45 negotiation auto ! interface GigabitEthernet3/3 media-type rj45 negotiation auto ! ip forward-protocol nd ! no ip http server no ip http secure-server ! ! ! ! ! ! control-plane ! banner exec ^C ************************************************************************** * IOSv is strictly limited to use for evaluation, demonstration and IOS * * education. IOSv is provided as-is and is not supported by Cisco's * * Technical Advisory Center. Any use or disclosure, in whole or in part, * * of the IOSv Software or Documentation to any third party for any * * purposes is expressly prohibited except as otherwise authorized by * * Cisco in writing. * **************************************************************************^C banner incoming ^C ************************************************************************** * IOSv is strictly limited to use for evaluation, demonstration and IOS * * education. IOSv is provided as-is and is not supported by Cisco's * * Technical Advisory Center. Any use or disclosure, in whole or in part, * * of the IOSv Software or Documentation to any third party for any * * purposes is expressly prohibited except as otherwise authorized by * * Cisco in writing. * **************************************************************************^C banner login ^C ************************************************************************** * IOSv is strictly limited to use for evaluation, demonstration and IOS * * education. IOSv is provided as-is and is not supported by Cisco's * * Technical Advisory Center. Any use or disclosure, in whole or in part, * * of the IOSv Software or Documentation to any third party for any * * purposes is expressly prohibited except as otherwise authorized by * * Cisco in writing. * **************************************************************************^C ! line con 0 line aux 0 line vty 0 4 login ! ! end
SW-Main VLAN table Dump
SW-Main#sh vlan VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Gi0/3, Gi1/0, Gi1/1, Gi1/2 Gi1/3, Gi2/0, Gi2/1, Gi2/2 Gi2/3, Gi3/0, Gi3/1, Gi3/2 Gi3/3 2 IT active 3 Clients active 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------ 1 enet 100001 1500 - - - - - 0 0 2 enet 100002 1500 - - - - - 0 0 3 enet 100003 1500 - - - - - 0 0 1002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0 Remote SPAN VLANs ------------------------------------------------------------------------------ Primary Secondary Type Ports ------- --------- ----------------- ------------------------------------------
SW-Main trunk Configuration
SW-Main#sh int trunk Port Mode Encapsulation Status Native vlan Gi0/0 on 802.1q trunking 1 Gi0/1 on 802.1q trunking 1 Gi0/2 on 802.1q trunking 1 Port Vlans allowed on trunk Gi0/0 1-4094 Gi0/1 1-4094 Gi0/2 1-4094 Port Vlans allowed and active in management domain Gi0/0 1-3 Gi0/1 1-3 Gi0/2 1-3 Port Vlans in spanning tree forwarding state and not pruned Gi0/0 1-3 Gi0/1 1-3 Gi0/2 1-3
SW-IT Config Dump
SW-IT#sh run Building configuration... Current configuration : 3695 bytes ! ! Last configuration change at 13:54:27 UTC Sun Jun 10 2018 ! version 15.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption service compress-config ! hostname SW-IT ! boot-start-marker boot-end-marker ! ! ! no aaa new-model ! ! ! ! ! ! ! ! ip cef no ipv6 cef ! ! ! spanning-tree mode pvst spanning-tree extend system-id ! vlan internal allocation policy ascending ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface GigabitEthernet0/0 media-type rj45 negotiation auto ! interface GigabitEthernet0/1 switchport access vlan 2 switchport mode access media-type rj45 negotiation auto ! interface GigabitEthernet0/2 switchport access vlan 2 switchport mode access media-type rj45 negotiation auto ! interface GigabitEthernet0/3 switchport access vlan 2 switchport trunk encapsulation dot1q switchport mode trunk media-type rj45 negotiation auto ! interface GigabitEthernet1/0 media-type rj45 negotiation auto ! interface GigabitEthernet1/1 media-type rj45 negotiation auto ! interface GigabitEthernet1/2 media-type rj45 negotiation auto ! interface GigabitEthernet1/3 media-type rj45 negotiation auto ! interface GigabitEthernet2/0 media-type rj45 negotiation auto ! interface GigabitEthernet2/1 media-type rj45 negotiation auto ! interface GigabitEthernet2/2 media-type rj45 negotiation auto ! interface GigabitEthernet2/3 media-type rj45 negotiation auto ! interface GigabitEthernet3/0 media-type rj45 negotiation auto ! interface GigabitEthernet3/1 media-type rj45 negotiation auto ! interface GigabitEthernet3/2 media-type rj45 negotiation auto ! interface GigabitEthernet3/3 media-type rj45 negotiation auto ! ip forward-protocol nd ! no ip http server no ip http secure-server ! ! ! ! ! ! control-plane ! banner exec ^C ************************************************************************** * IOSv is strictly limited to use for evaluation, demonstration and IOS * * education. IOSv is provided as-is and is not supported by Cisco's * * Technical Advisory Center. Any use or disclosure, in whole or in part, * * of the IOSv Software or Documentation to any third party for any * * purposes is expressly prohibited except as otherwise authorized by * * Cisco in writing. * **************************************************************************^C banner incoming ^C ************************************************************************** * IOSv is strictly limited to use for evaluation, demonstration and IOS * * education. IOSv is provided as-is and is not supported by Cisco's * * Technical Advisory Center. Any use or disclosure, in whole or in part, * * of the IOSv Software or Documentation to any third party for any * * purposes is expressly prohibited except as otherwise authorized by * * Cisco in writing. * **************************************************************************^C banner login ^C ************************************************************************** * IOSv is strictly limited to use for evaluation, demonstration and IOS * * education. IOSv is provided as-is and is not supported by Cisco's * * Technical Advisory Center. Any use or disclosure, in whole or in part, * * of the IOSv Software or Documentation to any third party for any * * purposes is expressly prohibited except as otherwise authorized by * * Cisco in writing. * **************************************************************************^C ! line con 0 line aux 0 line vty 0 4 login ! ! end
SW-IT Vlan table dump
SW-IT#sh vlan VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Gi1/0, Gi1/1, Gi1/2, Gi1/3 Gi2/0, Gi2/1, Gi2/2, Gi2/3 Gi3/0, Gi3/1, Gi3/2, Gi3/3 2 IT active Gi0/1, Gi0/2, Gi0/3 3 Clients active 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------ 1 enet 100001 1500 - - - - - 0 0 2 enet 100002 1500 - - - - - 0 0 3 enet 100003 1500 - - - - - 0 0 1002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - srb 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0 Remote SPAN VLANs ------------------------------------------------------------------------------ Primary Secondary Type Ports ------- --------- ----------------- ------------------------------------------
SW-IT Trunk Configuration dump
SW-IT#sh int trunk Port Mode Encapsulation Status Native vlan Gi0/0 auto n-802.1q trunking 1 Port Vlans allowed on trunk Gi0/0 1-4094 Port Vlans allowed and active in management domain Gi0/0 1-3 Port Vlans in spanning tree forwarding state and not pruned Gi0/0 1-3
SW-Clients Configuration Dump
SW-Clients#sh run Building configuration... Current configuration : 3613 bytes ! ! Last configuration change at 13:54:32 UTC Sun Jun 10 2018 ! version 15.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption service compress-config ! hostname SW-Clients ! boot-start-marker boot-end-marker ! ! ! no aaa new-model ! ! ! ! ! ! ! ! ip cef no ipv6 cef ! ! ! spanning-tree mode pvst spanning-tree extend system-id ! vlan internal allocation policy ascending ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface GigabitEthernet0/0 media-type rj45 negotiation auto ! interface GigabitEthernet0/1 switchport access vlan 3 switchport mode access media-type rj45 negotiation auto ! interface GigabitEthernet0/2 switchport access vlan 3 switchport mode access media-type rj45 negotiation auto ! interface GigabitEthernet0/3 media-type rj45 negotiation auto ! interface GigabitEthernet1/0 media-type rj45 negotiation auto ! interface GigabitEthernet1/1 media-type rj45 negotiation auto ! interface GigabitEthernet1/2 media-type rj45 negotiation auto ! interface GigabitEthernet1/3 media-type rj45 negotiation auto ! interface GigabitEthernet2/0 media-type rj45 negotiation auto ! interface GigabitEthernet2/1 media-type rj45 negotiation auto ! interface GigabitEthernet2/2 media-type rj45 negotiation auto ! interface GigabitEthernet2/3 media-type rj45 negotiation auto ! interface GigabitEthernet3/0 media-type rj45 negotiation auto ! interface GigabitEthernet3/1 media-type rj45 negotiation auto ! interface GigabitEthernet3/2 media-type rj45 negotiation auto ! interface GigabitEthernet3/3 media-type rj45 negotiation auto ! ip forward-protocol nd ! no ip http server no ip http secure-server ! ! ! ! ! ! control-plane ! banner exec ^C ************************************************************************** * IOSv is strictly limited to use for evaluation, demonstration and IOS * * education. IOSv is provided as-is and is not supported by Cisco's * * Technical Advisory Center. Any use or disclosure, in whole or in part, * * of the IOSv Software or Documentation to any third party for any * * purposes is expressly prohibited except as otherwise authorized by * * Cisco in writing. * **************************************************************************^C banner incoming ^C ************************************************************************** * IOSv is strictly limited to use for evaluation, demonstration and IOS * * education. IOSv is provided as-is and is not supported by Cisco's * * Technical Advisory Center. Any use or disclosure, in whole or in part, * * of the IOSv Software or Documentation to any third party for any * * purposes is expressly prohibited except as otherwise authorized by * * Cisco in writing. * **************************************************************************^C banner login ^C ************************************************************************** * IOSv is strictly limited to use for evaluation, demonstration and IOS * * education. IOSv is provided as-is and is not supported by Cisco's * * Technical Advisory Center. Any use or disclosure, in whole or in part, * * of the IOSv Software or Documentation to any third party for any * * purposes is expressly prohibited except as otherwise authorized by * * Cisco in writing. * **************************************************************************^C ! line con 0 line aux 0 line vty 0 4 login ! ! end SW-Clients#
SW-Clients Vlan Table dump
SW-Clients#sh vlan VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Gi0/3, Gi1/0, Gi1/1, Gi1/2 Gi1/3, Gi2/0, Gi2/1, Gi2/2 Gi2/3, Gi3/0, Gi3/1, Gi3/2 Gi3/3 2 IT active 3 Clients active Gi0/1, Gi0/2 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------ 1 enet 100001 1500 - - - - - 0 0 2 enet 100002 1500 - - - - - 0 0 3 enet 100003 1500 - - - - - 0 0 1002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - srb 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0 Remote SPAN VLANs ------------------------------------------------------------------------------ Primary Secondary Type Ports ------- --------- ----------------- ------------------------------------------
SW-Clients Trunk Configuration dump
SW-Clients#sh int trunk Port Mode Encapsulation Status Native vlan Gi0/0 auto n-802.1q trunking 1 Port Vlans allowed on trunk Gi0/0 1-4094 Port Vlans allowed and active in management domain Gi0/0 1-3 Port Vlans in spanning tree forwarding state and not pruned Gi0/0 1-3 SW-Clients#
DHCP-Server Configuration Dump
DHCP-Server#sh run Building configuration... Current configuration : 1000 bytes ! version 15.2 service timestamps debug datetime msec service timestamps log datetime msec ! hostname DHCP-Server ! boot-start-marker boot-end-marker ! ! ! no aaa new-model no ip icmp rate-limit unreachable ip cef ! ! ! ip dhcp excluded-address 192.168.2.0 192.168.2.10 ip dhcp excluded-address 192.168.3.0 192.168.3.10 ! ip dhcp pool IT network 192.168.2.0 255.255.255.0 default-router 192.168.2.1 ! ip dhcp pool Clients network 192.168.3.0 255.255.255.0 default-router 192.168.3.1 ! ! ! no ip domain lookup no ipv6 cef ! ! multilink bundle-name authenticated ! ! ! ! ! ! ! ! ! ip tcp synwait-time 5 ! ! ! ! ! ! ! ! ! ! ! ! interface FastEthernet0/0 ip address 192.168.2.2 255.255.255.0 duplex full ! ip forward-protocol nd ! ! no ip http server no ip http secure-server ! ! ! ! control-plane ! ! line con 0 exec-timeout 0 0 privilege level 15 logging synchronous stopbits 1 line aux 0 exec-timeout 0 0 privilege level 15 logging synchronous stopbits 1 line vty 0 4 login ! ! end
What I'am i doing wrong
Thanks For assisting me
Solved! Go to Solution.
06-30-2018 07:53 AM
Hello,
post the current configs of both routers...
07-10-2018 04:01 AM
Main-Router Configuration Dump
MainRouter#sh run Building configuration... Current configuration : 994 bytes ! version 15.2 service timestamps debug datetime msec service timestamps log datetime msec ! hostname MainRouter ! boot-start-marker boot-end-marker ! ! ! no aaa new-model no ip icmp rate-limit unreachable ip cef ! ! ! ! ! ! no ip domain lookup no ipv6 cef ! ! multilink bundle-name authenticated ! ! ! ! ! ! ! ! ! ip tcp synwait-time 5 ! ! ! ! ! ! ! ! ! ! ! ! interface FastEthernet0/0 no ip address duplex full ! interface FastEthernet0/0.2 encapsulation dot1Q 2 native ip address 192.168.2.1 255.255.255.0 ip helper-address 192.168.2.2 ! interface FastEthernet0/0.3 encapsulation dot1Q 3 ip address 192.168.3.1 255.255.255.0 ip helper-address 192.168.2.2 ! ! router eigrp 1 network 0.0.0.0 ! ip forward-protocol nd ! ! no ip http server no ip http secure-server ! ! ! ! control-plane ! ! line con 0 exec-timeout 0 0 privilege level 15 logging synchronous stopbits 1 line aux 0 exec-timeout 0 0 privilege level 15 logging synchronous stopbits 1 line vty 0 4 login ! ! end
DHCP-Server Configuration Dump
Building configuration... Current configuration : 1036 bytes ! version 15.2 service timestamps debug datetime msec service timestamps log datetime msec ! hostname DHCP-Server ! boot-start-marker boot-end-marker ! ! ! no aaa new-model no ip icmp rate-limit unreachable ip cef ! ! ! ip dhcp excluded-address 192.168.2.0 192.168.2.10 ip dhcp excluded-address 192.168.3.0 192.168.3.10 ! ip dhcp pool IT network 192.168.2.0 255.255.255.0 default-router 192.168.2.1 ! ip dhcp pool Clients network 192.168.3.0 255.255.255.0 default-router 192.168.3.1 ! ! ! no ip domain lookup no ipv6 cef ! ! multilink bundle-name authenticated ! ! ! ! ! ! ! ! ! ip tcp synwait-time 5 ! ! ! ! ! ! ! ! ! ! ! ! interface FastEthernet0/0 ip address 192.168.2.2 255.255.255.0 duplex full ! ! router eigrp 1 network 0.0.0.0 ! ip forward-protocol nd ! ! no ip http server no ip http secure-server ! ! ! ! control-plane ! ! line con 0 exec-timeout 0 0 privilege level 15 logging synchronous stopbits 1 line aux 0 exec-timeout 0 0 privilege level 15 logging synchronous stopbits 1 line vty 0 4 login ! ! end
07-10-2018 04:48 AM
07-10-2018 06:57 AM
Hello,
on the main router, change the vlan 2 subinterface back to what it was (no native):
interface FastEthernet0/0.2
encapsulation dot1Q 2
ip address 192.168.2.1 255.255.255.0
!
interface FastEthernet0/0.3
encapsulation dot1Q 3
ip address 192.168.3.1 255.255.255.0
ip helper-address 192.168.2.2
Also, make sure that the switchport connected to your DHCP-Server router is configured as an access port in vlan 2.
You need to be able to reach 192.168.3.1 from the DHCP server.
07-14-2018 09:04 PM
Thank you very much
The DHCP lab is finally Functional
I can't thank you enough for assisting me
07-15-2018 12:44 AM
Glad that you got it resolved !
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide