I have 2 stacked switches and I have updated the IOS to CAT3K_CAA-UNIVERSALK9 Version 16.3.8
I there a SVI for the vlan where the clients are connected. I have set ip helper-address "DHCP IP" in this SVI, before the update it was working without problems but after the reboot is not forwarding nothing.
If I configure ip helper in a access switch it works.
Thank you for your help.
The ip helper address needs to be implemented on the SVI interfaces and where the routing between subnets takes place and not an access layer (layer-2 only) device. Is the routing working between vlans? Can you ping the DHCP server from the router/switch?
Yes I know but as a temporal solution I have set it in the access switches and it works.
The routing between Vlans is working without problems.
Yes, I can ping the DHCP from the clients and from the L3 core switch.
Thank you for your time
Have a look at this link. You maybe able to run some debug commands and figure out what is the issue. Please be careful when using debug commands as you may overwhelm the switch. You may want to do it during off hours or during a maintenance window.
service dhcp - check this is hidden command. you only get it - by issuing show run all from Cat 38XX switch IOS-XE.
other hand make sure DHCP Server reachable by ping from svi as source interface to DHCP-IP
Yes, the service is enabled
sw-01#sh run all | i dhcp
Also I can ping the DHCP
sw-01#ping x.x.x.10 source vlan 55
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to x.x.x.10, timeout is 2 seconds:
Packet sent with a source address of x.x.x.220
Hope where the device connected to belong to vlan 55 right ?
can you post running configuration to cross check again.
Here you have the part related with the IP helper, if you need to see something else please just tell me.
ip address 172.16.3.200 255.255.252.0
ip helper-address 172.16.4.10
ip directed-broadcast 101
ip address 172.16.4.200 255.255.255.0
ip helper-address 172.16.3.255
sw-01#sh run all | i dhcp
ip dhcp-server query lease retries 2
ip dhcp-server query lease timeout 10
ip dhcp-client broadcast-flag
ip dhcp-client default-router distance 254
ip dhcp relay information policy replace
ip dhcp relay information check
ip dhcp use class
ip dhcp use vrf connected
ip dhcp binding cleanup interval 120
ip dhcp compatibility suboption link-selection cisco
ip dhcp conflict logging
ip dhcp ping packets 2
ip dhcp ping timeout 500
ip dhcp auto-broadcast
ip dhcp snooping information option
ip dhcp snooping database write-delay 300
ip dhcp snooping database timeout 300
ip dhcp snooping verify mac-address
ip dhcp snooping verify no-relay-agent-address
no ip dhcp snooping wireless bootp-broadcast enable
i am looking the config of the access port where the device connected.
show run interface gi x/x <<-- where you see the issue with the device not getting DHCP IP address ?
sw-01 is a Core sw that is connected to many access switches.
All trunk interfaces between the sw and access switches have this config in both sides:
interface GigabitEthernet0/3 -4
switchport trunk native vlan 445
switchport trunk allowed vlan 1,55,60,90
switchport mode trunk
All the clients have the same config
switchport mode access
authentication control-direction in
authentication event no-response action authorize vlan 90
authentication port-control auto
dot1x pae authenticator
dot1x timeout quiet-period 9
dot1x timeout tx-period 7
dot1x max-req 1
storm-control broadcast level pps 200
storm-control multicast level pps 650
storm-control action shutdown
storm-control action trap
spanning-tree bpduguard enable