Cisco Switching/Routing :: DHCP Request Not Being Forwarded By Helper Address Same VRF 6500?
Feb 22, 2013
Version 12.2(33)SXI
int vlan 1
description client vlan
ip vrf forwarding A
ip address 10.1.1.1 255.255.255.0
standby 129 ip 10.1.1.2
standby 129 timers 1 4
standby 129 priority 105
standby 129 preempt
ip helper-address 10.1.2.20
[code]....
dhcp requests are not making it to the dhcp server SAME VRF (ip helper-addres is not doing anything.....)extended vrf traceroutes on udp 67 sourced from vlan2 are fine
I am expecting udp unicast packets on port 67 "giaddr" relay packets on the DHCP server generated and sourced by the relay on Vlan1
eg. Mar 1 01:59:06.731: DHCPD: setting giaddr to 10.1.1.1
This exact setup works in our preprod environment with the same code.Only difference is we run Distributed etherchannel on the 6500's where this doesnt work.
Wireshark on the client I can see the requests being sent Going to check it with debug ip dhcp server to check the relay logs out of production hours.
I have seen so many people say it IS and ISN'T supported on this version of the code.e.g. [URL]
I am aware the helper-adddress should inherit the vrf of the interface ip helper-address vrf command is not supported.The fact it works in the PP environment.... could this be due to the Distributed EtherChanel difference? or just some bug....
View 2 Replies
ADVERTISEMENT
Jan 5, 2012
My actual Scenario
1 x 4500 and 1 x 3560?They are gateways of 8 Vlans?They are doing HSRP in each of those Vlans?The 4500 is the Active?There is a DHCP Pool for each of those Vlans on both gateways using "ip dhcp excluded-address" I ensured that the range of provided ips by each DHCP server will not be overlapped Obs.: Reducing the lease time, I ended with the calls bringing related problems.
OK, every thing is blue, every thing is fine.But the network diagram is realy complex(41 switchs, 89 uplinks), and depending of how is the network flow, one or other server answer first or latter.
For many reasons I would like that the secondary DHCP server would answer only if the primary DHCP server goes down.To me, the bigger reason is that DHCP database would be only in one DHCP server.But there is other reasons.
I passed by many frustrated solutions:Try to force a delay on the answer on one of the servers. - Impossible.Try to disable DHCP server, and, using EEM, enable it only if router became active in HSRP. - I couldn't do It.
What I'm thinking now is use the HSRP resource to resolve it.On both routers I would put a "ip helper-address" pointing to an Virtual_HSRP_IP.And depending on which router is the active, him will answer the request.
My first doubt is:Would it work?The second doubt is:Could I use the same Virtual_HSRP_IP that exists on that Vlan(see example 1),or I would need to point it to a Virtual_HSRP_IP in a different Vlan(see example 2)?
Example 1
-----------------------------------
| 4500 |
-----------------------------------
interface Vlan1
ip address 10.10.0.2 255.255.0.0
ip helper-address 10.10.0.1
standby 1 ip 10.10.0.1
[code]....
View 3 Replies
View Related
Jun 12, 2013
I've a Cisco 1941W router which is DHCP server for data-VLANs and uses ip-helper for voice-VLANs. [code] I don't know why I can't have IP from wireless voice VLAN whereas it is OK and wired voice VLAN and conf is the same!
View 4 Replies
View Related
Mar 22, 2012
I've been looking into IGMP snooping and have read that a L2 switch will forward multicast traffic to all ports connected to an interested receiver AND all mrouter ports. In a L2 'V' topology this results in all multicast traffic routed onto a VLAN being forwarded to the 2nd distribution switch. My question is how should a 6500 Sup720 deal with this unwanted multicast traffic? Both a Local SPAN of the RP and a Netdr capture suggest that this traffic is punted to the RP and ultimately dropped. Is this expected behavior or should the traffic be dropped in H/W?
View 2 Replies
View Related
Jan 9, 2012
I would like to know if ip helper-address feature is working on a layer 2 switch (2950,2960) or you should use a Layer 3 switch to do that?
View 7 Replies
View Related
Nov 20, 2012
Nexus Core switch 7K Gives arp request for his own Local IP address continuously. This Logs keeps on coming for the past 2 months.
The Ip Address 10.80.18.1 is an secondary IP address of vlan 18 , which is used for Teleprescence.
interface Vlan18 no shutdown no ip redirects ip address 10.80.18.252/24 hsrp version 2 hsrp 18 preempt priority 110 timers 1 3 ip 10.80.18.1 secondary ip 10.80.18.254
2012 Nov 12 18:22:06 FRMA_BK1_CSN7K_01-COR %ARP-3-REQ_IP: arp [3829] Sending A
RP request for local IP address 10.80.18.1 on Vlan18, request from pid: 3834
2012 Nov 12 18:22:07 FRMA_BK1_CSN7K_01-COR %ARP-3-INVAL_HDR: arp [3829] Found
[code]....
View 1 Replies
View Related
Jan 15, 2013
I have this message "DHCP Timeout"on few cisco IP Phones .try to assign IP manually and it's working fine.. seems DHCP not giving IP's to those.. 6500 have configured as DHCP pool.
View 1 Replies
View Related
May 8, 2013
i have this message "DHCP Timeout"on few cisco IP Phones . try to assign IP manually and it's working fine.. seems DHCP not giving IP's to those.. 6500 have configured as DHCP pool.
View 3 Replies
View Related
Apr 9, 2012
I am working in a environment that is classed as collapssed Layer 3 environment. We have a core 6500 with routed links to 3560's which are access switches.
We have layer 3 vlans on the access switches, one for data one for voice.On the layer 3 vlans we have ip helper addresses that are used for DHCP. The DHCP servers are located on the 6500.
I recently had a incident where someone plugged a netgear router into a desk point because they thought they could use it for a switch. This router then started to dish out IP addresses to people in the morning for those who came in and docked their laptops. 99% of people weren't affected because they have desktop PC's are their leases hadn't expired.
Now we have bpduguard, bpdufilter to prevent people from plugging in switches that send out BPDU's. However this doesn't prevent the above senario where someone plugs a router or a 'dumb' switch that doesn't send BPDU's.Because of the above senario I started looking at DHCP Snooping, but I am unsure on a couple of things.
With the topology of our network I understand that I don't need to configure IP DHCP Snooping Trust on the L3 uplinks to our core switch. From what I understand I just need to enable IP DHCP Snooping globaly and then on the VLAN's on the access switch (because of the L3 topology VLAN's are local to the access switches). Only if I had L2 uplinks to the core would I need to configure IP DHCP Snooping Trust on the trunk links.
View 2 Replies
View Related
Oct 31, 2012
The customer has 4 6500 switches. 2 Physical locations, and 2 switches at each locations. The locations are connected via 1 200mpbs metro ethernet(layer 2). We ran into an issue during a DR exercise. We had created a VLAN for DR testing purposes, that did not have any SVI configured, but the VLAN did exist on one of the 6500s. When the customer restored a VM to the DR VLAN, we lost connectivity to the production server. After some troubleshooting, we found the cause to be the same mac address showing up, but in a different vlan. Once we removed the DR vlan from the 6500 all was well. It seems like switches are ignoring the VLAN in the mac address table, and forwarding to the incorrect ports. The switch is not reporting any mac flapping in the logs. No spanning tree topology changes are occurring. Code version is 12.2(33)SXJ2 on all switches.
View 1 Replies
View Related
Jan 1, 2012
Are any of the following commands supported on Nexus 5K switches when deployed with L3 card:
ip helper addressip forward-protocolip directed-broadcast
View 2 Replies
View Related
Apr 8, 2013
we have 6500 cisco switch as a backbone switch in universty. When ı want to look mac addres table , it does no show all mac address.ı mean if ı type ;show mac address-table there are not all mac address.
View 3 Replies
View Related
Apr 30, 2012
I have an Issue.In my networks, 1 single user is facing Network Slowness issue. i needs to check to which port user is coneected in switch to CHeck whether that port has any errors.But problem is, i am providing support from remote location.And my concern LAN segment is Very big,I have only user Ip address details,when i ping the Ip address from Core switch it is pinging. but when i give show ip arp & give Ip address then its not learning and listing out the Mac address to trace down to the specific port.
View 3 Replies
View Related
Oct 31, 2012
Currently we're providing DHCP to wireless clients from a dhcp pool on a cisco 6500. Due to new requirements we need to move to windows 2008 dhcp and when I test this on an unused WLC (7.0.235.0) the client doesn't get an address.
When I do a packet capture on the client I see it requesting dhcp but not getting any response from the server. When I do a dhcp debug on the client I see the same (see attached file).
This seems to me to be a server issue but the same server is supplying addresses to wired clients.
View 3 Replies
View Related
Jan 30, 2011
I'm interested to know whether we can configure ip helper in nexus 7000?
View 2 Replies
View Related
May 14, 2012
Cisco PIX Security Appliance Software Version 8.0(2)
Device Manager Version 6.1(5)51
Cisco PIX Security Appliance Software Version 8.0(2)Device Manager Version 6.1(5)51 Running VPN on this device with an internal DHCP Pool tunnel-group JVusergroup type remote-accesstunnel-group JVusergroup general-attributesaddress-pool JVusergroup-DHCP-Pool I would like to use an external DHCP insted of the pix itselvf. How do I relay (IP-helper) DHCP request on the VPN policy to an external DHCP-server?
View 5 Replies
View Related
Jun 11, 2013
I have 2 servers, one active, the other standby, both will be using the same IP. If the active fails then a re-patch for the standby to make this the active. I understand that i will need to clear the arp & maybe mac address table on the 6500 for the new active server to work, as the failed server will have its mac address on the 6500,.
is there a way around this so i dont have to clear the arp cache & clear the mac table? [code]
View 6 Replies
View Related
Dec 26, 2012
We are facing issue with mac address learnt from different port-channels, Connectivity is like 6500 as core running VSS and 4500 access switches are connected to Core and WLC is also connected to Core.WLC to 6500 PO 60 , 4500 to 6500 PO 32.
View 1 Replies
View Related
Jul 12, 2010
We want to configure the "mac-address-table synchronize" command on our 6500 series switches to ensure that the CAM tables on our DFCs are in synch with the PFC on the supervisor modules. url...it is recommended that we disable the routed MAC purging with the mac-address-table aging-time 0 routed-mac global configuration command. What is a routed mac entry? Are there any issues with running that mac aging-time command?
We also plan to run this command "mac-address-table aging-time 14400" to keep our ARP and CAM tables on the same aging time to reduce unicast flooding on our network. Can we run this command with the "routed-mac" command above?
View 2 Replies
View Related
Aug 10, 2011
I disconnected and reconnected the powercable while holding on to the setup button until system, alert, setup go amber. The system led light began blinking green. I waited until one of the leds lights on the ports starts blinking green I then connected the ethernet cable connected to my pc. I made sure my lan connection on my computer was set to dhcp.In the docs claim it should take about 1 minute to grab a new ip address. After a few minutes i check the ipconfig on my pc and I get the apipa address.The setup light on the switch remains green while system is amber. The led for port 1 stopped blinking and remains green.My pc is not grabbing an ip address I don't know what else to do.
View 7 Replies
View Related
Jul 15, 2012
I have just updated a VLAN interface on my router. I have two 6500's with GLBP configured. The particular interface had a primary and secondary IP address. I shutdown the interface on one router and deleted the secondary address then assigned the orignal secondary address to be the be the only address associated with the interface and enabled the interface and it came right back up...all looks good. I proceeded to do the same thing to the other router and once again all looked good. Now, I am able to PING the devices in the subnet from router, but am unable to ping them from any place else. [code]
View 2 Replies
View Related
Apr 6, 2012
I have a stack of 3750's running IOS 12.2(25). "IP forward-protocal" command is configured, but the IP helper command is just not an option to put on an interface. Any have any idea of why that could be?
View 2 Replies
View Related
Mar 5, 2012
I would like to use the ip address-helper feature of my 3560 switch to point 10.1.0.0/24 to my Windows DHCP Server on 10.0.0.0/24 and I am unsure how to go about doing this.
View 2 Replies
View Related
Dec 15, 2012
Setting up a stand-alone WDS/PXE server.Current we have helper addresses setup to forward the DHCP requests from the different VLAN's to the DHCP server. The WDS/PXE server we are setting up is on its server. How do we craft the helper addresses so DHCP requests go to the proper server hosting DHCP and PXE requests go the WDS server?
Everything I seen on Microsoft Technet, lists using Helper Address as the recommended way, but assume both services are on the same server. Our helper address is as follows on each VLAN interface in router: ip helper-address X.X.X..This is a Cisco 3750.
View 6 Replies
View Related
Feb 5, 2012
I am trouble shooting a SF 200-48P and I am a bit lost without a CLI not used to the GUI. What I need to know is how to add the IP address helper command to the switch?I have a number of IP phones which are not getting an IP address from DHCP (PCs which are diasy chained off the phones are all working correctly). On the higher end switches I would have added the IP address helper command to the VLAN and that would have sorted it. How to do this on the small business switch.
View 2 Replies
View Related
Nov 13, 2012
Not sure if this is a problem with the switch or the wireless AP connected to the switch, but I have a couple of 3560's, one is a 3560G and the other is a 3560, both have phones and wireless ap's connected to them. The ap's on both of these switches continue to loose there ip address and thus disconnect from the controller. This happens about once a week, but the odd thing is that the phones never loose there ip address. All of my other 3560s and 3560g's that have AP's and phones connected are working fine.
View 2 Replies
View Related
Nov 19, 2011
I'm trying to configure my C3550 with fast ethernet port 0/48 assigned to vlan 2 in static access mode and SVI vlan 2 configured as dhcp client.
But I see command ip address dhcp is not available on interface vlan 2:
Cat3550(config-if)#ip ad
Cat3550(config-if)#ip address ?
A.B.C.D IP address
Cat3550(config-if)#ip address
Could it be a problem related to the version running on the equipment (see below the output of sh version command not sure of what EA1 stands for)? I read here [URL] that this command was introduced in version 12.1(2)T
If it is a version problem is there any possibility to download upgraded version for free?
Cat3550>sh ve
Cisco Internetwork Operating System Software
IOS (tm) C3550 Software (C3550-I5Q3L2-M), Version 12.1(20)EA1, RELEASE
[Code].....
View 7 Replies
View Related
Jul 8, 2012
I am trying to setup VLANs and most of configurations are working ok now except IP address assignment from DHCP. If any computer in VLAN 120 or 130 configured with manual IP address, then all works fine. It can reach internal servers and the internet without problem.If the IP address is assigned automatically then any computer in VLAN 120 or 130 are obtaining IP address (strangely!) from VLAN 100. Because switch ports that connected to the computer belongs to VLAN 120 or 130, the computer cannot reach internal servers and the internet with ip address from VLAN 100 . All SVI interfaces for VLAN 100, 120 and 130 have ip helper-address option defined pointing to the DHCP server. No DHCP snooping enabled on all switches at this point. DHCP server have three scopes for the three different VLANs.
View 2 Replies
View Related
Nov 20, 2011
The DHCP/DNS server is on ip address 10.1.100.103 with an alt on .102 I'm attempting to integrate a 4510R+E into an existing network and use existing DHCP/DNS windows 2008 server to push out IP addresses to connected computers.
I want to assign a VLAN to every port for management purposes and then I put an IP helper address on every VLAN.
I've attached a the 4500E partial config. I'm attempting to get Gi1/44 to a state where I can plug a computer into it an resolve an ip address and gain internet access like all the devices on the existing network can do.
I've created a new scope in DHCP with the ip subnet of 10.60.211.0 255.255.255.0 It leases addresses from .1 to .253
The computer will not resolve ip addresses with this config.
View 5 Replies
View Related
Apr 29, 2012
we have a 3560 switch configured with EIGRP with dhcp. We have a user that we cannot ping, however the interface show up / up and no errors on interface. the ip address is 10.2.0.199 - however we have dhcp configured to exclude the range from dhcp ip dhcp excluded-address 10.22.0.1 10.22.0.200 how can this work station get a dhcp address if we have that ip range excluded from the dhcp pool?
The user is off a different switch that is a uplink to this distribution switch. Traceroutes shows that the problem is with the distribution switch.
View 4 Replies
View Related
Dec 11, 2012
a new LAN installation, two VSS pair 6509 core, 15 closets, with 3750 stacks. Floor 15 only, devices/hosts can ping teh DHCP server but cannot aquire IP addresses. no such problem on other floors?
portfast an dother parameters are intact.
View 2 Replies
View Related
Jan 30, 2011
I have a 3911 router with a 1242 AP. The problem that I have is that when the user is trying to connect, the user get the OS Ip address 169.254.168.154 and I see that when I do the "show dot11 association" command, but when I do sh ip dhcp binding on the router I see
172.19.9.141 0100.18de.74db.14 Jan 31 2011 11:14 AM Automatic
The router is seeing as if the router gave the ip address to the user, but the reality the user was assigne the OS ip address 169. I did "debug ip dhcp server events" and I got the following:
Jan 31 11:09:06.752 EST: DHCPD: Seeing if there is an internally specified pool class:Jan 31 11:09:06.756 EST: DHCPD: htype 1 chaddr 0100.18de.74db.14
Jan 31 11:09:06.756 EST: DHCPD: remote id 020a00000a58218400000000Jan 31
[Code].....
View 10 Replies
View Related
Jun 8, 2013
We have 2 nexus 7010 switches configured with HSRP in the network. For all the vlans core1 is Master and Core2 is standby. In the current setup we have external dhcp server and dhcp relay is configured for all the vlans on Master and standby switch. The setup is running the IOS 5.2
Activity Done: During the Maintainacne activity, we isolated core1 switch in the network by disabling the vpc/keepalive and all the uplinks from access switch. The core2 switch was master for all the vlans.
Issue observed: It has been observed that new users were not getting ip address from the dhcp server. The ethereal capture showed that dhcp server was not getting the dhcp requests from the core2 switch. We disabled the dhcp feature in core2 and enabled again with dhcp relay again configured on vlan interfaces .even after doing this no change was observed in behaviour. Finally we got core1 back in network by enabling all the links.
Observation: The moment VPC link came up between the core switches, users started getting ip's from dhcp. Then we started enabling all the uplinks on core1.Core1 again become master for all the vlans and users continued getting ip’s. Network running fine.
Further Testing
1. For one of the vlan, core 2 switch has been made primary and for new users checked the dhcp functionality and it was working fine. The aim was to identify if anything wrong on core 2 related to dhcp relay
2.Again we changed the priority for this vlan and made core1 master for the same. This time we disabled this vlan on core1 and tried new user with core 2 became master and dhcp functionality worked fine for new user. Actually in this case we have simulated the same behaviour when we observed the issue with only difference of VPC was not available during the issue time as core 1 was isolated form network
Inputs needed.
Is there any known behaviour for dhcp functionality when VPC is unavailable? If we see the test scenario2 (wherein core1 was master for the vlan and we disable this vlan on core 1 and core 2 was able to relay dhcp requests for new users in this vlan.) it was actually same as scenario we observed during issue time..
View 7 Replies
View Related
