cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2327
Views
0
Helpful
9
Replies

Unable to get DHCP

ElQueue
Level 1
Level 1

Hello everyone,

 

I have a 3750 stacked core switch (1x 3750G and 2x 3750v1) that works perfectly. It does all the routing inside my LAN and it also leases all my DHCP addresses. The problem that I'm having is that my devices on my access switches (1x 3560-48PS-E and 1x 3560-24PS-E) can't get DHCP leases from the core. Both have L3 routing disabled, and a 1G trunk to the core switch. Is there something that I'm not thinking about?

9 Replies 9

Hello

are these two switch’s being serviced by the same dhcp server-scopes as the other working switches 

 

Do they have the same vlan database populated as the other working switch’s -

 

Are the trunks allowing the correct vlans


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Yes, both access switches have a trunk to the core switch, which is handling DHCP and routing for the LAN. I use VTP to standardize the VLANs across the switches. All the trunks have all the VLANs allowed. Clients with a static IP can reach everywhere in the network from the access switches, but only clients connected directly to the core can get a lease.

Hello

On these switches do you have stp portfast enabled, are all access-ports defined as access-ports?, Do you have any port security applied?

 

Possible apply a debug for dhcp on the core

access-list 110 permit udp any any
debug ip packet detail 110
debug ip dhcp server packet


Also can you post the config of the core and access switch.


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Thanks for the information that I requested. The output of show interface status is especially interesting. I see lots of ports assigned to vlan 666 but they are all disabled. I see only 3 ports that are connected and active, 1 in vlan 160 (fa0/47), 1 in vlan 180 (fa0/17), and 1 in vlan 901 (fa0/2). So I have 2 suggestions:

1) check why all ports assigned to vlan 666 are disabled

2) check on the 3 ports that are connected and see if they are getting DHCP.

 

HTH

 

Rick

HTH

Rick

@paul driver asks key questions: are the vlans the same on both switches? are the vlans correctly defined on the access switches? are the trunks correctly carrying each of the vlans? It might help provide answers to those questions if we had the output for these commands from both core and access switches:

show vlan

show interface status

show interface trunk

 

HTH

 

Rick

HTH

Rick

I replied above that those things were properly working. Here's my output of one of the access switches:

 

BoH#show vlan

VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi0/1, Gi0/2, Gi0/3, Gi0/4
120 WAP active
140 CoreData active
145 VoIP active
150 FoH active
160 Secure active Fa0/47
180 BoH active Fa0/17
666 VLAN0666 active Fa0/3, Fa0/4, Fa0/5, Fa0/6
Fa0/7, Fa0/8, Fa0/9, Fa0/10
Fa0/11, Fa0/12, Fa0/13, Fa0/14
Fa0/15, Fa0/16, Fa0/18, Fa0/19
Fa0/20, Fa0/21, Fa0/22, Fa0/23
Fa0/24, Fa0/25, Fa0/26, Fa0/27
Fa0/28, Fa0/29, Fa0/30, Fa0/31
Fa0/32, Fa0/33, Fa0/34, Fa0/35
Fa0/36, Fa0/37, Fa0/38, Fa0/39
Fa0/40, Fa0/41, Fa0/42, Fa0/43
Fa0/44, Fa0/45, Fa0/46, Fa0/48
901 Management active Fa0/2
1002 fddi-default act/unsup

VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
120 enet 100120 1500 - - - - - 0 0
140 enet 100140 1500 - - - - - 0 0
145 enet 100145 1500 - - - - - 0 0
150 enet 100150 1500 - - - - - 0 0
160 enet 100160 1500 - - - - - 0 0
180 enet 100180 1500 - - - - - 0 0
666 enet 100666 1500 - - - - - 0 0
901 enet 100901 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 trcrf 101003 4472 1005 3276 - - srb 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trbrf 101005 4472 - - 15 ibm - 0 0


VLAN AREHops STEHops Backup CRF
---- ------- ------- ----------


VLAN AREHops STEHops Backup CRF
---- ------- ------- ----------
1003 7 7 off

Remote SPAN VLANs
------------------------------------------------------------------------------


Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------

BoH#show int
BoH#show interfaces stat
BoH#show interfaces status
BoH#show interfaces status

Port Name Status Vlan Duplex Speed Type
Fa0/1 connected trunk a-full a-100 10/100BaseTX
Fa0/2 connected 901 a-full a-100 10/100BaseTX
Fa0/3 disabled 666 auto auto 10/100BaseTX
Fa0/4 disabled 666 auto auto 10/100BaseTX
Fa0/5 disabled 666 auto auto 10/100BaseTX
Fa0/6 disabled 666 auto auto 10/100BaseTX
Fa0/7 disabled 666 auto auto 10/100BaseTX
Fa0/8 disabled 666 auto auto 10/100BaseTX
Fa0/9 disabled 666 auto auto 10/100BaseTX
Fa0/10 disabled 666 auto auto 10/100BaseTX
Fa0/11 disabled 666 auto auto 10/100BaseTX
Fa0/12 disabled 666 auto auto 10/100BaseTX
Fa0/13 disabled 666 auto auto 10/100BaseTX
Fa0/14 disabled 666 auto auto 10/100BaseTX
Fa0/15 disabled 666 auto auto 10/100BaseTX
Fa0/16 disabled 666 auto auto 10/100BaseTX
Fa0/17 connected 180 a-full a-100 10/100BaseTX
Fa0/18 disabled 666 auto auto 10/100BaseTX
Fa0/19 disabled 666 auto auto 10/100BaseTX
Fa0/20 disabled 666 auto auto 10/100BaseTX
Fa0/21 disabled 666 auto auto 10/100BaseTX

Port Name Status Vlan Duplex Speed Type
Fa0/22 disabled 666 auto auto 10/100BaseTX
Fa0/23 disabled 666 auto auto 10/100BaseTX
Fa0/24 disabled 666 auto auto 10/100BaseTX
Fa0/25 disabled 666 auto auto 10/100BaseTX
Fa0/26 disabled 666 auto auto 10/100BaseTX
Fa0/27 disabled 666 auto auto 10/100BaseTX
Fa0/28 disabled 666 auto auto 10/100BaseTX
Fa0/29 disabled 666 auto auto 10/100BaseTX
Fa0/30 disabled 666 auto auto 10/100BaseTX
Fa0/31 disabled 666 auto auto 10/100BaseTX
Fa0/32 disabled 666 auto auto 10/100BaseTX
Fa0/33 disabled 666 auto auto 10/100BaseTX
Fa0/34 disabled 666 auto auto 10/100BaseTX
Fa0/35 disabled 666 auto auto 10/100BaseTX
Fa0/36 disabled 666 auto auto 10/100BaseTX
Fa0/37 disabled 666 auto auto 10/100BaseTX
Fa0/38 disabled 666 auto auto 10/100BaseTX
Fa0/39 disabled 666 auto auto 10/100BaseTX
Fa0/40 disabled 666 auto auto 10/100BaseTX
Fa0/41 disabled 666 auto auto 10/100BaseTX
Fa0/42 disabled 666 auto auto 10/100BaseTX
Fa0/43 disabled 666 auto auto 10/100BaseTX
Fa0/44 disabled 666 auto auto 10/100BaseTX

Port Name Status Vlan Duplex Speed Type
Fa0/45 disabled 666 auto auto 10/100BaseTX
Fa0/46 disabled 666 auto auto 10/100BaseTX
Fa0/47 connected 160 a-full a-100 10/100BaseTX
Fa0/48 disabled 666 auto auto 10/100BaseTX
Gi0/1 notconnect 1 auto auto Not Present
Gi0/2 notconnect 1 auto auto Not Present
Gi0/3 notconnect 1 auto auto Not Present
Gi0/4 notconnect 1 auto auto Not Present
BoH#show interfaces trunk

Port Mode Encapsulation Status Native vlan
Fa0/1 on 802.1q trunking 1

Port Vlans allowed on trunk
Fa0/1 1-4094

Port Vlans allowed and active in management domain
Fa0/1 1,120,140,145,150,160,180,666,901

Port Vlans in spanning tree forwarding state and not pruned
Fa0/1 1,120,140,145,150,160,180,666,901

 

Do you have DHCP snooping enabled? Please share the output of "show ip dhcp snooping" from each access switch and "show run | s dhcp".

 

HTH,

Meheretab 

HTH,
Meheretab

BoH#sh ip dhcp snooping
Switch DHCP snooping is disabled
DHCP snooping is configured on following VLANs:
none
DHCP snooping is operational on following VLANs:
none
DHCP snooping is configured on the following L3 Interfaces:

Insertion of option 82 is enabled
circuit-id default format: vlan-mod-port
remote-id: 0017.e002.4700 (MAC)
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
Verification of giaddr field is enabled
DHCP snooping trust/rate is configured on the following Interfaces:

Interface Trusted Allow option Rate limit (pps)
----------------------- ------- ------------ ----------------

ACCESS01#sh ip dhcp snooping
Switch DHCP snooping is disabled
DHCP snooping is configured on following VLANs:
none
DHCP snooping is operational on following VLANs:
none
DHCP snooping is configured on the following L3 Interfaces:

Insertion of option 82 is enabled
circuit-id default format: vlan-mod-port
remote-id: 001d.a293.6700 (MAC)
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
Verification of giaddr field is enabled
DHCP snooping trust/rate is configured on the following Interfaces:

Interface Trusted Allow option Rate limit (pps)
----------------------- ------- ------------ ----------------

CORE#sh run | inc dhcp
ip dhcp pool 666
ip dhcp pool 120
ip dhcp pool 140
ip dhcp pool 145
ip dhcp pool 150
ip dhcp pool 160
ip dhcp pool 180

Hello,

 

the status of the interfaces is 'disabled' which looks odd. Can you test a device with a static IP address and check if there is connectivity on these 'disabled' ports at all ?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: