Your DHCP server replies to - Page 2

MATT ALLEN · ‎10-23-2015

before i ask my question let me give a little bit of background information. I am setting up multiple vlans on my network, vlan 301-304 and they are all going over a single switch port to another device.

vlan 301 has a SVI IP of 192.168.1.1,

vlan 302 has a SVI IP of 192.168.2.1,

vlan 303 has a SVI IP of 192.168.3.1,

vlan 304 has a SVI IP of 192.168.4.1

all have a mask of 255.255.255.192 and all have the ip helper-address ip of 192.168.2.150.

the IP of the router layer 3 port is 192.168.2.253 255.255.255.248

the IP of the router is 192.168.2.254 and all the routes back to the SVI are in the router

the ip of the dhcp server is 192.168.2.150 and it resides in vlan 1 that has an ip of 192.168.2.140 255.255.255.224

I have no problems routing traffic to and from the router. my problem is the pc on and of the vlans can not get dhcp from the dhcp server. on the dhcp server i can see the requests for an ip and where it is offering the ip but the pc never receives it. I am using a catalyst 3850 switch and a cisco 3700 series router.

MATT ALLEN · ‎10-27-2015

yes that is the one that should be on vlan 302 and I have another laptop that was off that is mac 0016 4112 123d that shows up now in valn 303

Switch#show mac address-table
Mac Address Table
-------------------------------------------

Vlan Mac Address Type Ports
---- ----------- -------- -----
All 0100.0ccc.cccc STATIC CPU
All 0100.0ccc.cccd STATIC CPU
All 0100.0ccc.ccce STATIC CPU
All 0180.c200.0000 STATIC CPU
All 0180.c200.0001 STATIC CPU
All 0180.c200.0002 STATIC CPU
All 0180.c200.0003 STATIC CPU
All 0180.c200.0004 STATIC CPU
All 0180.c200.0005 STATIC CPU
All 0180.c200.0006 STATIC CPU
All 0180.c200.0007 STATIC CPU
All 0180.c200.0008 STATIC CPU
All 0180.c200.0009 STATIC CPU
All 0180.c200.000a STATIC CPU
All 0180.c200.000b STATIC CPU
All 0180.c200.000c STATIC CPU
All 0180.c200.000d STATIC CPU
All 0180.c200.000e STATIC CPU
All 0180.c200.000f STATIC CPU
All 0180.c200.0010 STATIC CPU
All ffff.ffff.ffff STATIC CPU
1 0006.0d73.5a41 DYNAMIC Gi1/0/16
1 001f.1641.e3e3 DYNAMIC Gi1/0/22
1 547c.69d0.2247 STATIC Vl1
301 547c.69d0.2262 STATIC Vl301
302 547c.69d0.2277 STATIC Vl302
302 f0de.f178.7b35 DYNAMIC Gi1/0/3
303 0016.4112.123d DYNAMIC Gi1/0/3
303 547c.69d0.225a STATIC Vl303
304 547c.69d0.2264 STATIC Vl304
305 547c.69d0.227a STATIC Vl305
Total Mac Addresses for this criterion: 31

Richard Burts · ‎10-27-2015

Thanks for the information. Would you post the output of show interface trunk from the switch? Would you post the configuration of the switch port 1/0/3 which I believe is the trunk port to the downstream device? Also post the configuration of the vlan interfaces at least for 302 and 303?

HTH

Rick

HTH

Rick

MATT ALLEN · ‎10-27-2015

I hope this is what you are looking for

Switch#show interfaces trunk

Port Mode Encapsulation Status Native vlan
Gi1/0/3 on 802.1q trunking 1

Port Vlans allowed on trunk
Gi1/0/3 1-4094

Port Vlans allowed and active in management domain
Gi1/0/3 1,301-318,401-418,501-518,601-606

Port Vlans in spanning tree forwarding state and not pruned
Gi1/0/3 1,301-318,401-418,501-518,601-606
Switch#

Switch#show interface gigabitEthernet 1/0/3 switchport
Name: Gi1/0/3
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL

Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none

Switch#show interface vlan 302
Vlan302 is up, line protocol is up
Hardware is Ethernet SVI, address is 547c.69d0.2277 (bia 547c.69d0.2277)
Internet address is 192.168.2.1/26
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive not supported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 1000 bits/sec, 2 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
369671 packets input, 51047079 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
56859 packets output, 7887179 bytes, 0 underruns
0 output errors, 2 interface resets
11 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out

Switch#show interface vlan 303
Vlan303 is up, line protocol is up
Hardware is Ethernet SVI, address is 547c.69d0.225a (bia 547c.69d0.225a)
Internet address is 192.168.3.1/26
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive not supported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 01:49:05, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
10514 packets input, 1474228 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
173 packets output, 21448 bytes, 0 underruns
0 output errors, 2 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out

Richard Burts · ‎10-27-2015

The output of show interface trunk is normal. The main thing that I was looking for it to verify that the vlans in question are active/forwarding state and not pruned. What I was hoping to get about the interfaces was show run interface gi1/0/3 and show run int vlan 302.

I am beginning to think that the problem may be not on this switch but on the downstream device. Is that the Trident? What can you tell us about the interface on it which connects to gig1/0/3 of the switch?

HTH

Rick

HTH

Rick

MATT ALLEN · ‎10-27-2015

The port on the trident is configured to carry vlan 301 302 303 and 304. It does not have an ip associated with it. So I guess you could say that it is a trunk port with allowed vlan 301-304

Richard Burts · ‎10-28-2015

What I was trying to get at is the possibility of a mismatch between your switch and the Trident. Your switch will be doing vlan tagging and I want to be sure that the Trident will process the tagged frames. Reading back through the discussion I see that you have told us that if you configure manually an IP for an end user that they can ping the gateway router. So I guess this demonstrates that the Trident and the switch are talking correctly on the trunk port.

So probably the suggestion about running debug ip dhcp would be a good next step.

HTH

Rick

HTH

Rick

MATT ALLEN · ‎10-28-2015

ok I will check on that and get back to ya. I have been in meetings all morning.

MATT ALLEN · ‎10-29-2015

ok this is what the output for the debug ip dhcp server packet

*Oct 29 08:16:44.485: DHCPD: Reload workspace interface Vlan303 tableid 0.
*Oct 29 08:16:44.485: DHCPD: tableid for 192.168.3.1 on Vlan303 is 0
*Oct 29 08:16:44.485: DHCPD: client's VPN is .
*Oct 29 08:16:44.485: DHCPD: using received relay info.
*Oct 29 08:16:44.485: DHCPD: Looking up binding using address 192.168.3.1
*Oct 29 08:16:44.485: DHCPD: setting giaddr to 192.168.3.1.
*Oct 29 08:16:44.486: DHCPD: adding relay information option.
*Oct 29 08:16:44.486: DHCPD: BOOTREQUEST from 0016.4112.123d forwarded to 192.16 8.2.150.
*Oct 29 08:16:52.280: DHCPD: Reload workspace interface Vlan303 tableid 0.
*Oct 29 08:16:52.280: DHCPD: tableid for 192.168.3.1 on Vlan303 is 0
*Oct 29 08:16:52.280: DHCPD: client's VPN is .
*Oct 29 08:16:52.281: DHCPD: using received relay info.
*Oct 29 08:16:52.281: DHCPD: Looking up binding using address 192.168.3.1
*Oct 29 08:16:52.281: DHCPD: setting giaddr to 192.168.3.1.
*Oct 29 08:16:52.281: DHCPD: adding relay information option.
*Oct 29 08:16:52.281: DHCPD: BOOTREQUEST from 0016.4112.123d forwarded to 192.16 8.2.150.
*Oct 29 08:17:02.513: DHCPD: Reload workspace interface Vlan303 tableid 0.
*Oct 29 08:17:02.513: DHCPD: tableid for 192.168.3.1 on Vlan303 is 0
*Oct 29 08:17:02.513: DHCPD: client's VPN is .
*Oct 29 08:17:02.513: DHCPD: using received relay info.
*Oct 29 08:17:02.513: DHCPD: Looking up binding using address 192.168.3.1
*Oct 29 08:17:02.513: DHCPD: setting giaddr to 192.168.3.1.
*Oct 29 08:17:02.513: DHCPD: adding relay information option.
*Oct 29 08:17:02.514: DHCPD: BOOTREQUEST from 0016.4112.123d forwarded to 192.168.2.150.ndebug ip dhcp server packet
*Oct 29 08:17:09.532: DHCPD: Reload workspace interface Vlan303 tableid 0.
*Oct 29 08:17:09.532: DHCPD: tableid for 192.168.3.1 on Vlan303 is 0
*Oct 29 08:17:09.532: DHCPD: client's VPN is .
*Oct 29 08:17:09.532: DHCPD: using received relay info.
*Oct 29 08:17:09.532: DHCPD: Looking up binding using address 192.168.3.1
*Oct 29 08:17:09.533: DHCPD: setting giaddr to 192.168.3.1.
*Oct 29 08:17:09.533: DHCPD: adding relay information option.
*Oct 29 08:17:09.533: DHCPD: BOOTREQUEST from 0016.4112.123d forwarded to 192.168.2.150.

Jon Marshall · ‎10-29-2015

Matt

You are seeing the DHCP request being sent to the DHCP server but not getting anything back.

I think it may be a problem with the DHCP server, either it's scopes or it's IP settings.

You mentioned earlier about changing the subnet mask of the DHCP server.

What are it's IP settings ?

Jon

MATT ALLEN · ‎10-29-2015

The IP settings for the DHCP server

IP 192.168.2.150

Mask 255.255.255.0

Broadcast 192.168.255.255

I think you guys are correct the problem is probably my configuration of the DHCP server.

Jon Marshall · ‎10-29-2015

That is the wrong subnet mask.

It shoud be 255.255.255.224 and the default gateway should be 192.168.2.140.

Jon

MATT ALLEN · ‎10-29-2015

I changed my mask to 255.255.0.0 and it works fine now.

next step is to add a 10.10.10.0 network to the mix so that my dhcp server will issue 192 addresses and 10 addresses. any thoughts on that

Jon Marshall · ‎10-29-2015

Matt

There is something not right with your DHCP server IP settings.

The mask should not be 255.255.0.0 it should be as I said in my last post and I am basing that off your routing table.

Also the broadcast should be 192.168.2.159 but the server should be able to work this out from it's IP address and subnet mask.

I would get that working properly before you go further.

Have you created scopes with the right subnet masks on the DHCP server ?

Jon

MATT ALLEN · ‎10-30-2015

jon

I am not quite followingyou on why my gateway should be 192.168.2.140 when the ip of the svi the dhcp request is coming from in 192.168.3.1 and also by making my mask 255.255.255.224 that would make it to where i could not broadcast to any of my subnets except vlan 1

Masoud Pourshabanian · ‎10-30-2015

Your DHCP server replies to 192.168.3.1 by unicast when you use IP Helper.

If you set the sunbet 248, DHCP server sends the packets destined to 192.168.3.1 to your router and you router sends them to your switch.

Masoud

IP Helper-address command