Solved: PC not getting IP from Switch

mahesh18 · ‎01-05-2013

Hi Everyone,

I have 2 switches running as HSRP and both have DHCP config on them.

Both these switches have connection to 3rd switch where PC is connected.

Connection between HSRP switches and 3rd switch is not trunk it is access port only.

VLAN 10 is HSRP running switches and 3rd switch has also int vlan 10 configured.

I ran the debug ip dhcp server packets on HSRP switches but no output comes out.

From Switch where PC is connected i can ping the HSRP Virtual IP which is 192.168.10.3

Thanks

MAhesh

Reza Sharifi · ‎01-05-2013

Hi Mahesh,

Can you add an exclude statment like this and test again?

ip dhcp excluded-address 192.168.10.1 192.168.10.5

HTH

Reza

View solution in original post

kcnajaf · ‎01-05-2013

Hi Mahesh,

Did you try connecting the PC to directly to the DHCP switch and check if it get the ip address?

Also have you issued "service dhcp" to enable DHCP service on switch?

Regards

Najaf

Please rate when applicable or helpful !!!

View solution in original post

Rolf Fischer · ‎01-05-2013

Hi Mahesh,

if the 3rd switch also has an IP address in VLAN 10, you also should exclude this address.

You say, "debug ip dhcp server packets" doesn't produce any output.

What about the PC, does it assing itself an APIPA (169.254.x.x)?

Is spanning-tree portfast enabled on it's port?

Is DHCP snooping enabled on the 3rd switch? If so: Are the uplinks trusted?

The virtual HSRP address is pingable, so I assume that the PC's MAC address is shown in the CAM table?

Finally, you could configure "service dhcp" just in case it's disabled for some reason. (Najaf has been faster ...)

Regards,

Rolf

View solution in original post

Rolf Fischer · ‎01-05-2013

The access-switch should learn the PC's MAC address only on Fa1/0/1, not on the uplink.

Do you see many of this syslog messages?

HSRP looks stable, what about spanning tree for VLAN 10?

Regards

Rolf

View solution in original post

cadet alain · ‎01-05-2013

Hi,

your Active switch should be the primary root bridge and the standby one should be the secondary root bridge.

What happens if you issue following on active: spanning-tree vlan 10 root primary and following on standby: spanning-tree vlan 10 root secondary ?

Regards.

Alain

Don't forget to rate helpful posts.

View solution in original post

Rolf Fischer · ‎01-05-2013

Doesn't look bad.

Your're receiving DHCP Discovers from the PC in VLAN 10.

Just the self-assigned APIPA (169.254.78.37) seems to be disturbing.

Have you tried a

ipconfig /release

ipconfig /renew

on your PC?

This should force the PC to use the unspecified address 0.0.0.0 as CIADDR (Client IP Address) in DHCP Discovers instead.

Regards

Rolf

View solution in original post

Reza Sharifi · ‎01-05-2013

Hi Mahesh,

There seems to be something wrong with your spanning tree. Port 1/0/1 is the access port, port 1/0/31 connects to the backup HSRP and port 1/0/41 to the primary HSRP and so in this case 1/0/41 is in blocking mode.

Alian has a very good point regarding the root and the backup root. So, can you deploy the commands he suggested and than do a "sh spann vlan 10" again? We need to see 1/0/41 in forwarding mode.

spanning-tree vlan 10 root primary on the active HSRP

spanning-tree vlan 10 root secondary on the stand-by HSRP

HTH

Reza

View solution in original post

Reza Sharifi · ‎01-05-2013

Hi Mahesh,

Ok, so the spanning tree is good to go.

for test purpose. if you assign a static ip to the pc

example

192.168.10.100

255.255.255.0

192.168.10.3

can you ping

192.168.10.1

192.168.10.2

192.168.10.3

if yes. than change the PC back to use DHCP and this time on the pool assign the physical address of the active switch to it. I am assuming 10.1 is the active HSRP physical address

ip dhcp pool vlan10

network 192.168.10.0 255.255.255.0

default-router 192.168.10.1

lease 3

and test again

HTH

Reza

View solution in original post

Rolf Fischer · ‎01-07-2013

Mahesh,

the command structure is:

ip dhcp excluded-address []

http://www.cisco.com/en/US/docs/ios-xml/ios/ipaddr/command/ipaddr-i1.html#GUID-1B6734A2-7EB1-4FEE-85F6-8DE18B7283B9

In summary, by setting to 255.255.255.0, you excluded the whole pool.

Best regards,

Rolf

View solution in original post

Reza Sharifi · ‎01-05-2013

Hi Mahesh,

Can you post the DHCP config or "sh run" from the active HSRP switch?

Thanks,

Reza

mahesh18 · ‎01-05-2013

Hi Reza,

Here is config from active

3750Switch#sh standby

Vlan10 - Group 1

State is Active

2 state changes, last state change 00:49:48

Virtual IP address is 192.168.10.3

Active virtual MAC address is 0000.0c07.ac01

Local virtual MAC address is 0000.0c07.ac01 (v1 default)

Hello time 3 sec, hold time 10 sec

Next hello sent in 2.547 secs

Preemption enabled, delay min 30 secs

Active router is local

Standby router is 192.168.10.2, priority 90 (expires in 7.609 sec)

Priority 120 (configured 120)

IP redundancy name is "hsrp-Vl10-1" (default)

From Active Router

ip dhcp pool Vlan10

import all

network 192.168.10.0 255.255.255.0

default-router 192.168.10.3

!

Thanks

MAhesh

Reza Sharifi · ‎01-05-2013

Hi Mahesh,

Can you add an exclude statment like this and test again?

ip dhcp excluded-address 192.168.10.1 192.168.10.5

HTH

Reza

mahesh18 · ‎01-05-2013

Hi Reza,

Added the statement on both active and standby still no luck.

switch that is connected to PC when i do sh ip arp does not show anything

thanks

mahesh

kcnajaf · ‎01-05-2013

Hi Mahesh,

Did you try connecting the PC to directly to the DHCP switch and check if it get the ip address?

Also have you issued "service dhcp" to enable DHCP service on switch?

Regards

Najaf

Please rate when applicable or helpful !!!

Rolf Fischer · ‎01-05-2013

Hi Mahesh,

if the 3rd switch also has an IP address in VLAN 10, you also should exclude this address.

You say, "debug ip dhcp server packets" doesn't produce any output.

What about the PC, does it assing itself an APIPA (169.254.x.x)?

Is spanning-tree portfast enabled on it's port?

Is DHCP snooping enabled on the 3rd switch? If so: Are the uplinks trusted?

The virtual HSRP address is pingable, so I assume that the PC's MAC address is shown in the CAM table?

Finally, you could configure "service dhcp" just in case it's disabled for some reason. (Najaf has been faster ...)

Regards,

Rolf

mahesh18 · ‎01-05-2013

Hi Everyone,

Service dhcp is enabled on both hsrp switches.

Here is log from 3rd switch where pc is conncted.

Mar 3 01:40:35.260: %SW_MATM-4-MACFLAP_NOTIF: Host 0021.70b0.3d39 in vlan 10 i

s flapping between port Fa1/0/41 and port Fa1/0/1

Mar 3 01:40:35.260: %SW_MATM-4-MACFLAP_NOTIF: Host 0021.70b0.3d39 in vlan 10 i

s flapping between port Fa1/0/41 and port Fa1/0/1

pc is connected to port fa1/0/1

host 0021.70b0.3d39 is pc mac

3rd switch where pc is conected has direct link access connection to hsrp active switch port fa1/0/41.

thanks

mahesh

Rolf Fischer · ‎01-05-2013

The access-switch should learn the PC's MAC address only on Fa1/0/1, not on the uplink.

Do you see many of this syslog messages?

HSRP looks stable, what about spanning tree for VLAN 10?

Regards

Rolf

mahesh18 · ‎01-05-2013

Hi Rolf,

I do not see many log messages just a single message

Here is vlan 10 info from 3rd switch

sh span
R1#sh spanning-tree vlan 10

VLAN0010
Spanning tree enabled protocol ieee
Root ID    Priority    32778
             Address     000d.2928.bc80
             Cost        19
             Port        35 (FastEthernet1/0/31)
             Hello Time   2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority    32778 (priority 32768 sys-id-ext 10)
             Address     0019.e849.d380
             Hello Time   2 sec Max Age 20 sec Forward Delay 15 sec
             Aging Time 300

Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------

Fa1/0/1             Desg FWD 19        128.3    P2p Edge
Fa1/0/31            Root FWD 19        128.35   P2p
Fa1/0/41            Altn BLK 19        128.45   P2p

Here connection to Active HSRP is in blockingk state

thanks

mahesh

mahesh18 · ‎01-05-2013

Hi,

Here is DHCP info from active switch

750Switch#              sh ip dhcp server sta
3750Switch#              sh ip dhcp server statistics
3750Switch#              sh ip dhcp server statistics
Memory usage         4983
Address pools        1
Database agents      0
Automatic bindings   0
Manual bindings      0
Expired bindings     0
Malformed messages   0

Message              Received
BOOTREQUEST          0
DHCPDISCOVER         100
DHCPREQUEST          3
DHCPDECLINE          0
DHCPRELEASE          0
DHCPINFORM           0

Message              Sent
BOOTREPLY            0
DHCPOFFER            0
DHCPACK              0
DHCPNAK              0

Info from standby switch

550Switch#sh ip dhcp server statistics
Memory usage         5023
Address pools        1
Database agents      0
Automatic bindings   0
Manual bindings      0
Expired bindings     0
Malformed messages   0

Message              Received
BOOTREQUEST          0
DHCPDISCOVER         57
DHCPREQUEST          0
DHCPDECLINE          0
DHCPRELEASE          0
DHCPINFORM           0

Message              Sent
BOOTREPLY            0
DHCPOFFER            0
DHCPACK              0
DHCPNAK              0

cadet alain · ‎01-05-2013

Hi,

your Active switch should be the primary root bridge and the standby one should be the secondary root bridge.

What happens if you issue following on active: spanning-tree vlan 10 root primary and following on standby: spanning-tree vlan 10 root secondary ?

Regards.

Alain

Don't forget to rate helpful posts.

mahesh18 · ‎01-05-2013

Hi Alain,

From Active HSRP log message shows

36: DHCPD: checking for expired leases.

02:43:48: DHCPD: DHCPDISCOVER received from client 0100.2170.b03d.39 on interfac

e Vlan10.

02:43:48: DHCPD: requested address 169.254.78.37 is not on subnet 192.168.10.0.

02:43:48: DHCPD: address pool Vlan10 is empty.

02:43:52: DHCPD: DHCPDISCOVER received from client 0100.2170.b03d.39 on interfac

e Vlan10.

02:43:52: DHCPD: requested address 169.254.78.37 is not on subnet 192.168.10.0.

02:43:52: DHCPD: address pool Vlan10 is empty.

02:44:01: DHCPD: DHCPDISCOVER received from client 0100.2170.b03d.39 on interfac

e Vlan10.

02:44:01: DHCPD: requested address 169.254.78.37 is not on subnet 192.168.10.0.

02:44:01: DHCPD: address pool Vlan10 is empty.

02:44:16: DHCPD: DHCPDISCOVER received from client 0100.2170.b03d.39 on interfac

e Vlan10.

02:44:16: DHCPD: requested address 169.254.78.37 is not on subnet 192.168.10.0.

02:44:16: DHCPD: address pool Vlan10 is empty.

02:44:36: DHCPD: checking for expired leases.

02:46:36: DHCPD: checking for expired leases.

Thanks

MAhesh

Rolf Fischer · ‎01-05-2013

Doesn't look bad.

Your're receiving DHCP Discovers from the PC in VLAN 10.

Just the self-assigned APIPA (169.254.78.37) seems to be disturbing.

Have you tried a

ipconfig /release

ipconfig /renew

on your PC?

This should force the PC to use the unspecified address 0.0.0.0 as CIADDR (Client IP Address) in DHCP Discovers instead.

Regards

Rolf

Reza Sharifi · ‎01-05-2013

Hi Mahesh,

There seems to be something wrong with your spanning tree. Port 1/0/1 is the access port, port 1/0/31 connects to the backup HSRP and port 1/0/41 to the primary HSRP and so in this case 1/0/41 is in blocking mode.

Alian has a very good point regarding the root and the backup root. So, can you deploy the commands he suggested and than do a "sh spann vlan 10" again? We need to see 1/0/41 in forwarding mode.

spanning-tree vlan 10 root primary on the active HSRP

spanning-tree vlan 10 root secondary on the stand-by HSRP

HTH

Reza