cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
195
Views
17
Helpful
7
Replies
Highlighted
Beginner

Ip conflict list in a cisco 4500 E core switch

Dear all,

I have two redondant switch core cisco 4500 E series. Between the two switchs there is EtherChannels. The same DHCP pools are defined on both of them. On the vlan interfaces configuration on the second switch we have mentioned a standby mode with a priority value of 200. However, we have always a dhcp conflict list full of addresses detected.

** Here is an example of a Vlan interface's configuration on the first switch:


interface Vlan12
description ####### VLAN USERS ETAGE 2 ######
ip address 172.16.12.253 255.255.255.0
standby 12 ip 172.16.12.254
standby 12 priority 200
standby 12 preempt

** The configuration of the same vlan interface but in the second swith core:

interface Vlan12
description ####### VLAN USERS ETAGE 2 ######
ip address 172.16.12.252 255.255.255.0
standby 12 ip 172.16.12.254
standby 12 preempt

** the Dhcp pool configuration of vlan 12 on the switch core 1

ip dhcp pool 2ETAGE
network 172.16.12.0 255.255.255.0
domain-name *******************
default-router 172.16.12.254
dns-server ************* 8 8.8.8.8
netbios-name-server *************
lease 8
address 172.16.12.88 hardware-address 00c0.eea4.226f
address 172.16.12.16 hardware-address a816.b2e1.6951
address 172.16.12.149 hardware-address 00c0.ee4a.d3c3
address 172.16.12.190 hardware-address 0017.6110.fbcd
address 172.16.12.191 hardware-address 0017.6110.f35d
address 172.16.12.40 hardware-address 0017.c80e.443d
address 172.16.12.83 hardware-address 0026.5a6e.06d6
address 172.16.12.195 hardware-address c056.e332.b084
!

** The dhcp pool configuration of vlan 12 in the switch core 2

ip dhcp pool 2ETAGE
network 172.16.12.0 255.255.255.0
domain-name *****************
default-router 172.16.12.254
dns-server ************************** 8.8.8.8
netbios-name-server ****************
lease 8
address 172.16.12.88 hardware-address 00c0.eea4.226f
address 172.16.12.16 hardware-address a816.b2e1.6951
address 172.16.12.149 hardware-address 00c0.ee4a.d3c3
address 172.16.12.191 hardware-address 0017.6110.f35d
address 172.16.12.190 hardware-address 0017.6110.fbcd
address 172.16.12.40 hardware-address 0017.c80e.443d
address 172.16.12.83 hardware-address 0026.5a6e.06d6
address 172.16.12.195 hardware-address c056.e332.b084
!

The problem accur frequently and it's manifested by the non response of the dhcp server so the client machine isn't able to get an ip address

from the server. And to get out from the situation, we executed the following commands that resolve the problem temporary:

Kerio Connect client

Thank you for your  help 

Marwa 

7 REPLIES 7
Highlighted
VIP Mentor

Hi Marwa

In terms of Cisco devices acting as DHCP servers that's really a design issue , its not really advisable to have same pool on both devices redundant or not you will get dup ip issues its a known issue

If you have to go that way its recommended that you split the subnet between the dhcp servers whatever devices are acting as them

Highlighted

PS - the standby config you have has nothing to do with DHCP at all.  Split the DHCP pool via the

ip dhcp excluded-address <range> command - exclude half of the addresses on each to avoid the conflicted addresses filling the table.

Highlighted

Hi pwwiddicombe,

Just i want to know and understand why "the standby config you have has nothing to do with DHCP at all"?

i haven't a deep knowledge about the HSRP :(

Thank you for your further help

Marwa

Highlighted

hey because HSRP is only for the active path that end users take to get out of the network based on the vip and priority set , when DHCP is on it broadcasts at layer 2,the layer 2 broadcast will go to all users in the subnet, it knows nothing of paths at layer 3 or routing , so even though the device might be redundant in terms of users not routing through it , DHCP offers will still be sent out and requested from that device even if users cant actually route through it , so the pool on each switch is vlaid and sending same information causing conflicts

Highlighted

Thank you Mark for the explanation.

Just a last point about  when i will exclude the half of the pool on each, will i get all machines served an IP address or there will be a deficiency?

i guess it will not be but i'm not sure 

Thank you very much :)

Highlighted

The idea is that all addresses are available, but each will be serving out addresses to the community.  If one is down, then you only have half the addresses available, until the downed DHCP is again available.

Highlighted

Thank you all :D 

Content for Community-Ad