Re: SG300-28 and DHCP

j.sarnecki · ‎07-22-2021

I have a program with SG300-28, does not pass DHCP queries passing through the device.

I will give examples of tests

A - Roter Mikrotik, with DHCP Server enabled.
B - Cisco SG300-28
C - AP - WiFi Access Point Ubiquiti
D - simple switch TP-LINK
L - AP WiFi clients

Test connection A:
A <-> B <-> C <-> L , ping ok, dhcp does not work
Test connection B:
A <-> D <-> C <-> L, ping ok, dhcp ok

In both cases, from the router to WiFi Access Point through the switches goes through vlan.

Test connection C:
A <-> B <-> computers, ping ok, dhcp ok
where connection A<->B is after vlan.

Checked on the last two firmware SG300-28.

How can I solve the problem with transferring package DHCP sticks to the server by swich SG300-28 using vlan?

ps) Why do I think this is a problem for the DHCP server because the client's ARP entry does not appear on the router.

balaji.bandi · ‎07-22-2021

Post show run from SG300

Hope switch is layer 2 - when you connected device is working ok with DHCP,

Try to make Trunk port where the AP connecting see if that makes any difference ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Manoj Reddy · ‎07-22-2021

Hi,

Please try as @balaji.bandi suggested, also in the switch B please check the sh VTP status, and not sure you're using VTP pruning, please disable and re-enable the VTP Pruning

VTP pruning sometimes stops your dynamoc VLANs, so that end devices won't get the IP

But ideally VTP should allow the things dynamically, my guess will be problem in that. Please check it

j.sarnecki · ‎07-24-2021

I not use VTP.

j.sarnecki · ‎07-22-2021

Yes, the Cisco Switch is layer 2.

End devices connected directly to this switch receive a DHCP response from the Mikrotic router.

Mikrotic connection to SG300-28 switch is as vlan. For untag end computers.

I am attaching the WiFi Ubiquiti Access Point to the SG300-28. No matter if the connection between these devices has a vlan or not, WiFi clients do not receive a response from DHCP.

If I replace my Cisco SG300-28 with an example TP-LINK switch, Ubiquiti WiFi clients will receive a DHCP response from the Mikrotic router. No matter if the connection is vlan or not.

So the problem is the Cisco SG300-28 Switch. It somehow blocks DHCP queries going through it.

If anyone knows, let me write what I can change the settings to fix this problem.

show run

config-file-header
SW11
v1.3.5.58 / R750_NIK_1_35_647_358
CLI v1.0
set system mode switch

file SSD indicator encrypted
@
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end xxxxxxxxxxxxxxxxxxxxxxxxxxxx
!
vlan database
vlan 2-5,8-15,18-21,100,417
exit
voice vlan id 100
voice vlan state auto-enabled
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
no ip dhcp snooping verify
hostname SW11
no passwords complexity enable
username xxxxxxxxxx password encrypted xxxxxxxxxxxxxxxxxxxxxxxxxxxxx privilege xxxx
.....
ip ssh server
ip ssh password-auth
snmp-server server
snmp-server location U-12
snmp-server view A1 sysDescr.1.2 included
snmp-server community public ro x.x.x.x view Default
........
clock timezone " " +xxx
clock summer-time recurring usa
!
interface vlan 1
ip address 172.16.1.11 255.255.255.0
!
interface vlan 2
name 0002-lan
!
interface vlan 3
name 0003-into3
!
interface vlan 4
name 0004-ops
!
interface vlan 5
name 0005-eas
!
interface vlan 8
name 0008-dow
!
interface vlan 9
name 0009-BMC
!
interface vlan 10
name 0010-Info
!
interface vlan 11
name 0011-Radio
!
interface vlan 12
name 0012-monitoring
!
interface vlan 13
name 0013-monitoring_2
!
interface vlan 14
name 0014-konse
!
interface vlan 15
name 0015-DMZ-printers
!
interface vlan 18
name 0018-Ubi_WiFi_guest
!
interface vlan 19
name 0019-Ubi_WiFi_seting
!
interface vlan 20
name 0020-Ubi_WiFi_office
!
interface vlan 21
name 0021-Ubi_WiFi_office2
!
interface vlan 100
name 0100-VoIP
!
interface vlan 417
name 0417-LAN_2
!
interface gigabitethernet1
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
switchport trunk allowed vlan add 18,20-21
switchport trunk native vlan 19
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet2
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
switchport trunk allowed vlan add 18,20-21
switchport trunk native vlan 19
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet3
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
switchport trunk allowed vlan add 18,20-21
switchport trunk native vlan 19
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet4
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
switchport mode access
switchport access vlan 15
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet5
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
switchport mode access
switchport access vlan 4
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet6
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
switchport trunk allowed vlan add 18,20-21
switchport trunk native vlan 19
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet7
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
switchport trunk allowed vlan add 18,20-21
switchport trunk native vlan 19
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet9
switchport mode access
switchport access vlan 100
!
interface gigabitethernet10
switchport mode access
switchport access vlan 10
!
interface gigabitethernet11
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
switchport trunk allowed vlan add 100
switchport trunk native vlan 4
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet12
description "General test"
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
switchport mode access
switchport access vlan 100
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet13
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
switchport mode access
switchport access vlan 12
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet14
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
switchport trunk allowed vlan add 100
switchport trunk native vlan 2
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet15
switchport trunk allowed vlan add 100
switchport trunk native vlan 15
!
interface gigabitethernet16
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
switchport trunk allowed vlan add 100
switchport trunk native vlan 15
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet17
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
switchport trunk allowed vlan add 18,20-21
switchport trunk native vlan 19
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet18
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
switchport trunk allowed vlan add 18,20-21
switchport trunk native vlan 19
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet19
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
switchport trunk allowed vlan add 18,20-21
switchport trunk native vlan 19
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet20
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
switchport mode access
switchport access vlan 100
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet21
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
switchport mode access
switchport access vlan 100
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet22
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
switchport trunk allowed vlan add 18,20-21
switchport trunk native vlan 19
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet24
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
switchport trunk allowed vlan add 100
switchport trunk native vlan 2
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet25
switchport mode access
switchport access vlan 100
!
interface gigabitethernet26
switchport trunk allowed vlan add 100
switchport trunk native vlan 2
!
interface gigabitethernet27
switchport mode access
switchport access vlan 100
!
interface gigabitethernet28
spanning-tree link-type point-to-point
switchport trunk allowed vlan add 2-5,8-15,18-21,100,417
macro description switch
!next command is internal.
macro auto smartport dynamic_type switch
!
exit
banner login ^C
SW11
^C
macro auto enabled
macro auto processing type host enabled
macro auto processing type ip_phone disabled
macro auto processing type ip_phone_desktop disabled
ip default-gateway 172.16.1.254

#END

The interface gigabitethernet1 socket is an example of where the Ubiquiti Access Point WiFi is connected.
A Mikrotic router is connected to the gigabitethernet28 socket.

balaji.bandi · ‎07-22-2021

you try to default the interface gig 1, remove all macro-related config, do not add any native VLAN, just make it simple trunk and test it.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

j.sarnecki · ‎07-23-2021

Where/how disable/remove this macro:

macro description ip_phone_desktop
macro auto smartport dynamic_type unknown

balaji.bandi · ‎07-23-2021

default interface gigabitethernetX ( x is the interface make facotry default) - make sure if this is transit interface you may lost connection before issue command.

no macro description ip_phone_desktop
no macro auto smartport dynamic_type unknown

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

j.sarnecki · ‎07-24-2021

SW11(config)#no macro description ip_phone_desktop
% Unrecognized command
SW11(config)#no macro auto smartport dynamic_type unknown
% Wrong number of parameters or invalid range, size or characters entered
SW11(config)#exit
SW11#no macro auto smartport dynamic_type unknown
% Unrecognized command
SW11#no macro description ip_phone_desktop
% Unrecognized command

balaji.bandi · ‎07-24-2021

You use the commands global config mode.

that need to use for interface commands:

example :

config t

!

interface gigabitethernet1

no macro description ip_phone_desktop
no macro auto smartport dynamic_type unknown

!

hope this helps you and test and advise.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

j.sarnecki · ‎07-24-2021

Unfortunately

"Wrong number of parameters or invalid range, size or characters entered"

balaji.bandi · ‎07-24-2021

Wrong number of parameters or invalid range, size or characters entered"

when do you get this message?

Can you post the complete output once you captured it to understand the issue?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

paul driver · ‎07-24-2021

Hello

B - Cisco SG300-28
Do you have dhcp snooping enabled on this switch or port security? - If so make sure your trusting you uplinks for snooping and allocating enough levels of broadcast for dhcp clients.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul