09-18-2019 08:43 AM
Hello everyone,
I have a 3750 stacked core switch (1x 3750G and 2x 3750v1) that works perfectly. It does all the routing inside my LAN and it also leases all my DHCP addresses. The problem that I'm having is that my devices on my access switches (1x 3560-48PS-E and 1x 3560-24PS-E) can't get DHCP leases from the core. Both have L3 routing disabled, and a 1G trunk to the core switch. Is there something that I'm not thinking about?
09-18-2019 08:59 AM
Hello
are these two switch’s being serviced by the same dhcp server-scopes as the other working switches
Do they have the same vlan database populated as the other working switch’s -
Are the trunks allowing the correct vlans
09-18-2019 09:06 AM
Yes, both access switches have a trunk to the core switch, which is handling DHCP and routing for the LAN. I use VTP to standardize the VLANs across the switches. All the trunks have all the VLANs allowed. Clients with a static IP can reach everywhere in the network from the access switches, but only clients connected directly to the core can get a lease.
09-18-2019 09:46 AM - edited 09-18-2019 09:57 AM
Hello
On these switches do you have stp portfast enabled, are all access-ports defined as access-ports?, Do you have any port security applied?
Possible apply a debug for dhcp on the core
access-list 110 permit udp any any
debug ip packet detail 110
debug ip dhcp server packet
Also can you post the config of the core and access switch.
09-18-2019 10:31 AM
Thanks for the information that I requested. The output of show interface status is especially interesting. I see lots of ports assigned to vlan 666 but they are all disabled. I see only 3 ports that are connected and active, 1 in vlan 160 (fa0/47), 1 in vlan 180 (fa0/17), and 1 in vlan 901 (fa0/2). So I have 2 suggestions:
1) check why all ports assigned to vlan 666 are disabled
2) check on the 3 ports that are connected and see if they are getting DHCP.
HTH
Rick
09-18-2019 09:09 AM
@paul driver asks key questions: are the vlans the same on both switches? are the vlans correctly defined on the access switches? are the trunks correctly carrying each of the vlans? It might help provide answers to those questions if we had the output for these commands from both core and access switches:
show vlan
show interface status
show interface trunk
HTH
Rick
09-18-2019 09:12 AM
I replied above that those things were properly working. Here's my output of one of the access switches:
BoH#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi0/1, Gi0/2, Gi0/3, Gi0/4
120 WAP active
140 CoreData active
145 VoIP active
150 FoH active
160 Secure active Fa0/47
180 BoH active Fa0/17
666 VLAN0666 active Fa0/3, Fa0/4, Fa0/5, Fa0/6
Fa0/7, Fa0/8, Fa0/9, Fa0/10
Fa0/11, Fa0/12, Fa0/13, Fa0/14
Fa0/15, Fa0/16, Fa0/18, Fa0/19
Fa0/20, Fa0/21, Fa0/22, Fa0/23
Fa0/24, Fa0/25, Fa0/26, Fa0/27
Fa0/28, Fa0/29, Fa0/30, Fa0/31
Fa0/32, Fa0/33, Fa0/34, Fa0/35
Fa0/36, Fa0/37, Fa0/38, Fa0/39
Fa0/40, Fa0/41, Fa0/42, Fa0/43
Fa0/44, Fa0/45, Fa0/46, Fa0/48
901 Management active Fa0/2
1002 fddi-default act/unsup
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
120 enet 100120 1500 - - - - - 0 0
140 enet 100140 1500 - - - - - 0 0
145 enet 100145 1500 - - - - - 0 0
150 enet 100150 1500 - - - - - 0 0
160 enet 100160 1500 - - - - - 0 0
180 enet 100180 1500 - - - - - 0 0
666 enet 100666 1500 - - - - - 0 0
901 enet 100901 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 trcrf 101003 4472 1005 3276 - - srb 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trbrf 101005 4472 - - 15 ibm - 0 0
VLAN AREHops STEHops Backup CRF
---- ------- ------- ----------
VLAN AREHops STEHops Backup CRF
---- ------- ------- ----------
1003 7 7 off
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
BoH#show int
BoH#show interfaces stat
BoH#show interfaces status
BoH#show interfaces status
Port Name Status Vlan Duplex Speed Type
Fa0/1 connected trunk a-full a-100 10/100BaseTX
Fa0/2 connected 901 a-full a-100 10/100BaseTX
Fa0/3 disabled 666 auto auto 10/100BaseTX
Fa0/4 disabled 666 auto auto 10/100BaseTX
Fa0/5 disabled 666 auto auto 10/100BaseTX
Fa0/6 disabled 666 auto auto 10/100BaseTX
Fa0/7 disabled 666 auto auto 10/100BaseTX
Fa0/8 disabled 666 auto auto 10/100BaseTX
Fa0/9 disabled 666 auto auto 10/100BaseTX
Fa0/10 disabled 666 auto auto 10/100BaseTX
Fa0/11 disabled 666 auto auto 10/100BaseTX
Fa0/12 disabled 666 auto auto 10/100BaseTX
Fa0/13 disabled 666 auto auto 10/100BaseTX
Fa0/14 disabled 666 auto auto 10/100BaseTX
Fa0/15 disabled 666 auto auto 10/100BaseTX
Fa0/16 disabled 666 auto auto 10/100BaseTX
Fa0/17 connected 180 a-full a-100 10/100BaseTX
Fa0/18 disabled 666 auto auto 10/100BaseTX
Fa0/19 disabled 666 auto auto 10/100BaseTX
Fa0/20 disabled 666 auto auto 10/100BaseTX
Fa0/21 disabled 666 auto auto 10/100BaseTX
Port Name Status Vlan Duplex Speed Type
Fa0/22 disabled 666 auto auto 10/100BaseTX
Fa0/23 disabled 666 auto auto 10/100BaseTX
Fa0/24 disabled 666 auto auto 10/100BaseTX
Fa0/25 disabled 666 auto auto 10/100BaseTX
Fa0/26 disabled 666 auto auto 10/100BaseTX
Fa0/27 disabled 666 auto auto 10/100BaseTX
Fa0/28 disabled 666 auto auto 10/100BaseTX
Fa0/29 disabled 666 auto auto 10/100BaseTX
Fa0/30 disabled 666 auto auto 10/100BaseTX
Fa0/31 disabled 666 auto auto 10/100BaseTX
Fa0/32 disabled 666 auto auto 10/100BaseTX
Fa0/33 disabled 666 auto auto 10/100BaseTX
Fa0/34 disabled 666 auto auto 10/100BaseTX
Fa0/35 disabled 666 auto auto 10/100BaseTX
Fa0/36 disabled 666 auto auto 10/100BaseTX
Fa0/37 disabled 666 auto auto 10/100BaseTX
Fa0/38 disabled 666 auto auto 10/100BaseTX
Fa0/39 disabled 666 auto auto 10/100BaseTX
Fa0/40 disabled 666 auto auto 10/100BaseTX
Fa0/41 disabled 666 auto auto 10/100BaseTX
Fa0/42 disabled 666 auto auto 10/100BaseTX
Fa0/43 disabled 666 auto auto 10/100BaseTX
Fa0/44 disabled 666 auto auto 10/100BaseTX
Port Name Status Vlan Duplex Speed Type
Fa0/45 disabled 666 auto auto 10/100BaseTX
Fa0/46 disabled 666 auto auto 10/100BaseTX
Fa0/47 connected 160 a-full a-100 10/100BaseTX
Fa0/48 disabled 666 auto auto 10/100BaseTX
Gi0/1 notconnect 1 auto auto Not Present
Gi0/2 notconnect 1 auto auto Not Present
Gi0/3 notconnect 1 auto auto Not Present
Gi0/4 notconnect 1 auto auto Not Present
BoH#show interfaces trunk
Port Mode Encapsulation Status Native vlan
Fa0/1 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/1 1-4094
Port Vlans allowed and active in management domain
Fa0/1 1,120,140,145,150,160,180,666,901
Port Vlans in spanning tree forwarding state and not pruned
Fa0/1 1,120,140,145,150,160,180,666,901
09-18-2019 09:22 AM
Do you have DHCP snooping enabled? Please share the output of "show ip dhcp snooping" from each access switch and "show run | s dhcp".
HTH,
Meheretab
09-18-2019 09:35 AM
09-18-2019 10:27 AM
Hello,
the status of the interfaces is 'disabled' which looks odd. Can you test a device with a static IP address and check if there is connectivity on these 'disabled' ports at all ?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide