10-23-2015 10:09 AM - edited 03-08-2019 02:21 AM
before i ask my question let me give a little bit of background information. I am setting up multiple vlans on my network, vlan 301-304 and they are all going over a single switch port to another device.
vlan 301 has a SVI IP of 192.168.1.1,
vlan 302 has a SVI IP of 192.168.2.1,
vlan 303 has a SVI IP of 192.168.3.1,
vlan 304 has a SVI IP of 192.168.4.1
all have a mask of 255.255.255.192 and all have the ip helper-address ip of 192.168.2.150.
the IP of the router layer 3 port is 192.168.2.253 255.255.255.248
the IP of the router is 192.168.2.254 and all the routes back to the SVI are in the router
the ip of the dhcp server is 192.168.2.150 and it resides in vlan 1 that has an ip of 192.168.2.140 255.255.255.224
I have no problems routing traffic to and from the router. my problem is the pc on and of the vlans can not get dhcp from the dhcp server. on the dhcp server i can see the requests for an ip and where it is offering the ip but the pc never receives it. I am using a catalyst 3850 switch and a cisco 3700 series router.
10-23-2015 10:18 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
In general, if your DHCP server isn't on same subnet as the requesting host, you need to have, on the gateway interface, an IP helper with the DHCP server's address.
10-24-2015 06:46 PM
I made a mistake in my original post the DHCP server is 192.168.2.150 sorry for the confusion
10-23-2015 10:53 AM
Hello,
"192.168.1.150 and it resides in vlan 1 that has an ip of 192.168.2.140 255.255.255.224"
The IP is 192.168.2.150? right?
Does a PC resided in VLAN 1 receive IP?
10-26-2015 12:36 PM
yes the IP is 192.168.2.150 for the dhcp server I messed up on the original post and put 192.168.1.150 but I can assure you that it is in the server correctly. I have been beating my face on the desk trying to figure this one out why the dhcp server can get the request and send out the acknowledgement and ip but it never gets back to the requester
10-27-2015 08:06 PM
Hello,
You mentioned that your DHCP server replies to your switch. Try to debug to see how your switch relays and how it receives responce from your DHCP server. You should only use one client to see the result better.
SW#DEBUG IP DHCP SERVER PACKET
It shoud be similar to this in your case.
DHCPD: Looking up binding using address 192.168.1.1
DHCPD: setting giaddr to 192.168.1.1.
BOOTREQUEST from (MAC) forwarded to 192.168.2.150( Your DHCP server)
forwarding BOOTREPLY to client (mac).
Check for IPe on Vlan301
creating ARP entry (IP asigned to client 192.168.1.100, MAC).
unicasting BOOTREPLY to client MAC
forwarding BOOTREPLY to client MAC.
Masoud
10-23-2015 04:19 PM
Your switch is hosting the vlan's but your router is not therefor, no router on a stick?
If this is the case, there's several options you can do to correct this issue.
I would turn L3 on the switch, and create a /30 link between your switch and router, that should make it manageable to reach your DHCP server.
You could also create router on a stick, you would have to change the IP address of your SVI's to .2 and put .1 on your router subinterfaces as a gateway address. This should also solve your issue.
10-24-2015 02:17 AM
HI,
Please change the IP helper address to your dhcp server ip. As your dhcp server ip is 192.168.1.150 while according to your configuration you assigned helper address 192.168.2.150.
Configure below command
(config)#ip helper-address 192.168.1.150
Make the changes and hope it will work.
10-26-2015 06:22 PM
There are several things that we do not know and this makes it difficult to determine quite what is the problem. It is not clear whether the switch is operating as a layer 2 switch or as a layer 3 switch (though the description of a router layer 3 interface suggests that it is a layer 2 switch). And it is not clear where the helper address commands are configured? Are they on the switch or on the connected layer 3 device? It is also not clear whether there might be problems with the configuration of the DHCP scopes. If we get information that clarifies these things we might be closer to understanding what is the problem.
HTH
Rick
10-27-2015 06:53 AM
the connection on the switch to the router is a layer 3 connection with an IP of 192.168.2.253 255.255.255.248 . the ip helper command was put on each SVI in the switch.
all of my connections to the switch are as follows
port 1/0/2 is a layer 3 port 192.168.2.253 255.255.255.248
port 1/0/3 trunk port that the SVI connect through to another device
port 1/0/22 access port for dhcp server. dhcp server IP 192.168.2.150 255.255.255.128
in the dhcp server I have set up 5 scopes
192.168.1.0 255.255.255.192
192.168.2.0 255.255.255.192
192.168.3.0 255.255.255.192
192.168.4.0 255.255.255.192
192.168.2.128 255.255.255.192
each SVI will reach the dhcp server and the dhcp server will issue an IP from the correct pool but it never makes it to the dhcp client. I can change the mask on the dhcp server to a /24 and can receive the IP address on the the SVI 192.168.2.1 and it sends the correct IP range for the SVI. my only problem is receiving the response from the dhcp server on the dhcp client.
Rick this is on the same setup that you helped me with earlier on routing the VLAN through the switch. and I don't know if I got to tell you how much that helped me so thank you very much.
10-27-2015 07:24 AM
I am glad that my previous suggestions were helpful (though I admit that I do not remember the specific question or issue). I am still not clear whether "ip routing" is enabled on this switch or not.
It is interesting that you can see that the request from the client gets to the DHCP server and that the server is offering an IP address but that this response does not get to the client. Could you post the output of show vlan and of show interface status from the switch? And tell us at least one of the switch ports where a client is having this problem?
HTH
Rick
10-27-2015 07:50 AM
all the clients are connected through switchport 1/0/3
Switch#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi1/0/1, Gi1/0/4, Gi1/0/5
Gi1/0/6, Gi1/0/7, Gi1/0/8
Gi1/0/9, Gi1/0/10, Gi1/0/11
Gi1/0/12, Gi1/0/13, Gi1/0/14
Gi1/0/15, Gi1/0/16, Gi1/0/17
Gi1/0/18, Gi1/0/19, Gi1/0/20
Gi1/0/21, Gi1/0/22, Gi1/0/23
Gi1/0/24, Gi1/1/1, Gi1/1/2
Te1/1/3, Te1/1/4
301 168_2 active
302 168_3 active
303 168_4 active
304 168_5 active
Switch#show interfaces status
Port Name Status Vlan Duplex Speed Type
Gi1/0/1 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/2 connected routed a-full a-100 10/100/1000BaseTX
Gi1/0/3 connected trunk a-full a-1000 10/100/1000BaseTX
Gi1/0/4 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/5 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/6 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/7 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/8 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/9 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/10 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/11 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/12 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/13 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/14 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/15 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/16 connected 1 a-full a-100 10/100/1000BaseTX
Gi1/0/17 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/18 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/19 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/20 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/21 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/22 connected 1 a-full a-100 10/100/1000BaseTX
Gi1/0/23 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/24 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/1/1 notconnect 1 auto auto unknown
Gi1/1/2 notconnect 1 auto auto unknown
Te1/1/3 notconnect 1 auto auto unknown
Te1/1/4 notconnect 1 auto auto unknown
this is the problem you helped me with before to kinda give you an idea where all this started https://supportforums.cisco.com/discussion/12603336/multiple-vlan-multiple-ports-connecting-router-through-single-interface
10-27-2015 08:19 AM
Thanks for the link to the previous discussion. I now remember it quite well. It is still not clear whether the switch has "ip routing" enabled.
Perhaps we might see something that would help us understand if you post the output of show ip route from the switch. Also if you would post the output show show mac address-table from the switch and indicate a MAC address or two that belong to the devices that are trying to obtain IP addresses?
If you manually configure on one of the downstream devices an IP address, mask, and gateway does the device then function normally on the network?
HTH
Rick
10-27-2015 08:36 AM
sorry I forgot to add that to my last post but yes I do have ip routing enabled. If I manually add the ip configuration to the end user it will ping the gateway router
here are the outputs you ask for
Switch#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is 192.168.2.254 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 192.168.2.254
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/26 is directly connected, Vlan301
L 192.168.1.1/32 is directly connected, Vlan301
192.168.2.0/24 is variably subnetted, 6 subnets, 4 masks
C 192.168.2.0/26 is directly connected, Vlan302
L 192.168.2.1/32 is directly connected, Vlan302
C 192.168.2.128/27 is directly connected, Vlan1
L 192.168.2.140/32 is directly connected, Vlan1
C 192.168.2.248/29 is directly connected, GigabitEthernet1/0/2
L 192.168.2.253/32 is directly connected, GigabitEthernet1/0/2
192.168.3.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.3.0/26 is directly connected, Vlan303
L 192.168.3.1/32 is directly connected, Vlan303
192.168.4.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.4.0/26 is directly connected, Vlan304
L 192.168.4.1/32 is directly connected, Vlan304
Switch#show mac address-table
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
All 0100.0ccc.cccc STATIC CPU
All 0100.0ccc.cccd STATIC CPU
All 0100.0ccc.ccce STATIC CPU
All 0180.c200.0000 STATIC CPU
All 0180.c200.0001 STATIC CPU
All 0180.c200.0002 STATIC CPU
All 0180.c200.0003 STATIC CPU
All 0180.c200.0004 STATIC CPU
All 0180.c200.0005 STATIC CPU
All 0180.c200.0006 STATIC CPU
All 0180.c200.0007 STATIC CPU
All 0180.c200.0008 STATIC CPU
All 0180.c200.0009 STATIC CPU
All 0180.c200.000a STATIC CPU
All 0180.c200.000b STATIC CPU
All 0180.c200.000c STATIC CPU
All 0180.c200.000d STATIC CPU
All 0180.c200.000e STATIC CPU
All 0180.c200.000f STATIC CPU
All 0180.c200.0010 STATIC CPU
All ffff.ffff.ffff STATIC CPU
1 0006.0d73.5a41 DYNAMIC Gi1/0/16
1 001f.1641.e3e3 DYNAMIC Gi1/0/22
1 547c.69d0.2247 STATIC Vl1
301 547c.69d0.2262 STATIC Vl301
302 547c.69d0.2277 STATIC Vl302
302 f0de.f178.7b35 DYNAMIC Gi1/0/3
303 547c.69d0.225a STATIC Vl303
304 547c.69d0.2264 STATIC Vl304
305 547c.69d0.227a STATIC Vl305
Total Mac Addresses for this criterion: 30
10-27-2015 09:10 AM
Thanks for the additional information. Glad to know for sure that ip routing is enabled. I see one dynamic learned MAC in the table. Is f0de.f178.7b35
the device that is attempting to obtain an IP via DHCP?
HTH
Rick
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide