Cisco Switching/Routing :: DNS Query Fails Behind DHCP / NAT - Router ISR 861
Nov 18, 2012
in my simple network setup, I cannot resolve DNS queries from inside my NATted network. On the router I can ping both IP-addresses and names. Ping from the local machine works for IP-Adresses but not for names. When doing nslookup, addresses are not found and a SERVFAIL message is returned. I use a Cisco ISR 861 Router to connect our local LAN to the Internet (The WAN of the 861 is connected to another DHCP/NAT-Router, which in turn connects to the ISP-Modem). Addresses in the local LAN are DHCP-distributed, the DNS-Servers from my ISP are configured on the Router and the DNS-Information is distributed correctly to my local LAN machines (as I can verify by doing nslookup on Linux).
View 21 Replies
ADVERTISEMENT
Nov 23, 2011
I need support on understanding and configuring dhcp relay agent And forwarding. Lets say a bunch of TCP/IP devices required a dhcp ip where it is installed on a perticular server to run so. The server having dhcp pool where it provide the devices with IP addresses as he recieve queries from them requesting to release their addresses. On 2960 switch no dhcp configured and ports assigned under specific vlan under those devices. The issue here, if power goes down and booting process started, the devices started to ask the server for ip add and it takes too much time and somehow it does not take ip and those request kind a dropped. As the minimum requirement is to configure relay agent on the switch and forwarding and multicast?
View 7 Replies
View Related
Feb 16, 2013
I have two 5548s as core. 8 FEXs are multihomed (advanced vPC topology?) to both the cores.Suppose, I have to configure a bunch of ports on the FEXs, say Eth101/1/10 - 20. I would login to the first core and apply the configs.
My question is - do I have to do the same on the second core also? Or would the first core replicate the stuff to the second core? I know about port-profiles/CFS and such. But, without that would it automatically sync to second core?
For testing purpose, I went to Core 1 Eth101/1/10 and put a description "TEST". Wrote the config. After 5 minutes logged into second core and did show run Eth101/1/10. But, the description "TEST" didn't show up there.
Also, doing sh run on any FEX port is faster on one of the cores and very slow on second core... all the FEXs have 20 GB uplink to core 1 & 2 (so total 40GB in vPC, max pinning 1)
View 2 Replies
View Related
Apr 3, 2012
Have a client wanting to hand out public ip addresses to all clients from a PFSense Firewall terminating the internet connection.
How do I allow the Cisco Switches currently in place, configured with private ip addresses in the 10.10.x.x ranges and Vlans, where the main 3550 layer 3 has defined dhcp scopes for each vlan, to relay dhcp requests from all vlans to the PFSense firewall?
I assume I would take off the currently defined dhcp scopes for the vlans and configure each vlan/switch with the ip helper address and specify the PFSense firewall and that Nat would have to be disabled onthe firewall?
View 1 Replies
View Related
May 6, 2012
I am planning on implementing a mode-conditioning patch solution along with LX/LH SFP's over multimode fiber in my network. I wanted to know if this solution is also supported by the G5486 Gbic's, ie, can I use the 5486 GBIC along with a mode-conditioning patch over multimode fiber as well?
View 2 Replies
View Related
Feb 27, 2012
All the other switches / routers on quering for SNMP sysName.0 returns their FQDN in our network. The Nexus 7010 and 5020 switches in the network return only their name. "hostname xx" and "ip domain-name xx" defined on all the devices. The SNMP MIB is matching. There are no other SNMP related issues. How can I get the FQDN for these devices ?
$ snmpget -v 2c -c public m-65k-00.core sysName.0
SNMPv2-MIB::sysName.0 = STRING: m-65k-00.core.abcd.com
$ snmpget -v 2c -c public m-N7K-00.core sysName.0
[Code].....
View 4 Replies
View Related
Jun 11, 2012
we finally got my Cisco refurbished E2500 configured and working downstream from a UVerse 3801HGV box. We had to change the default IP address of the 3801 because it conflicted with the E2500's default. The E2500 is set up to get its Internet IP address using DHCP from the 3801. This is working fine for normal web browsing, etc. However, anything that requires extended connections (downloads, streaming, etc) freezes after a couple of minutes, forcing me to refresh the action to get it started again. Extremely annoying to say the least.
I'm pretty sure that I've tracked it down to the E2500's configuration of the 3801's DHCP allocation. For some reason, the E2500 wants to set the DHCP Lease Time for the 3801's assigned IP address to 10 minutes regardless of the upstream settings from the 3801. The 3801's default is 24 Hours which I've changed to 168Hours (7 days), but the E2500 stays stuck at 10 Minutes. Specifically, I'm referring to the setting displayed on the E2500 under Status>Router>Internet Connection IPV4>DHCP Lease Time.
View 9 Replies
View Related
Apr 28, 2013
I have a Linksys WRT310N v1 with firmware v1.0.10 build 002Jul 19, 2010 My router fails to renew it's DHCP lease from my cable provider, causing internet access to drop. I can still access my cable modem at 192.168.100.1, but I must do a "IP Address Release" then "IP Address Renew" to get back internet access. The router works fine otherwise.
View 6 Replies
View Related
Nov 11, 2012
I have some DHCP trouble since I subnetted my network with a 2921. My clinets are in 172.16.2.0/23 and DHCP servers are in 172.16.5.0/24.Sometimes, randomly I guess, I get NACK from my DHCP server, and if I look into DHCP logs I got something like this:
15,11/09/12,09:52:27,NACK,172.16.3.172,switchE51D12.host.com,A0CF5BE51D12,,0,6,,,,,,,,
15,11/09/12,09:52:28,NACK,172.16.3.172,switchE51D12.host.com,A0CF5BE51D12,,0,6,,,,,,,,
15,11/09/12,09:52:29,NACK,172.16.3.172,switchE51D12.host.com,A0CF5BE51D12,,0,6,,,,,,,,
[code]....
View 6 Replies
View Related
May 31, 2013
I have a problem accessing my wireless router through VLAN sub-interface on my Cisco 1841 router. My hardware:
Cisco Catalyst 2960 switch (192.168.100.4 /24)
Cisco Catalyst 3550 switch (192.168.100.6 /24)
Cisco 1841 router (192.168.100.7 /24)
Asus RT N66U wireless router (192.168.100.2 /24)
Here's my network topology:
I have two VLANs - 10 and 20. 2 DHCP pools are configured on 2 1841's interfaces - 192.168.1.0 /25 and 192.168.1.128/26 with default router sitting on 192.168.1.1 and 192.168.1.129 respectively. No issues with obtaining IP address from any of those pools.Laptop connects to L3 3550 switch (switchport access vlan 10), which, in turn, connects to 1841 router through trunk (with VLANs 10 and 20 allowed).3550 is connected to 2960 through trunk with VLANs 10 and 20 allowed.Wireless router is connected to 2960.I can successfully ping my wireless router and outside world from 1841 from fa0/1 interface, but not from fa0/1.10 or fa0/1.20 sub-interfaces - all packets got dropped. My laptop can obtain IP from both pools (depending on port I connect it to), but can't ping my wireless router and anything beyond it.
I attach my configs:Cisco Catalyst 3550:interface FastEthernet0/1 switchport trunk encapsulation dot1q switchport mode trunk switchport port-security mac-address sticky speed 100!interface FastEthernet0/2 switchport trunk encapsulation dot1q switchport mode trunk!interface FastEthernet0/3 switchport access vlan 10 switchport mode access!interface FastEthernet0/4 switchport access vlan 20 switchport mode access!Cisco 1841:
ip dhcp pool Vlan10DHCP network 192.168.1.0 255.255.255.128 default-router 192.168.1.1 dns-server 208.67.220.220 domain-name home.local
!ip dhcp pool Vlan20DHCP network 192.168.1.128 255.255.255.192 default-router 192.168.1.129 dns-server 208.67.220.220 lease 0 12
interface FastEthernet0/1 ip address 192.168.100.7 255.255.255.0 duplex auto speed auto!interface FastEthernet0/1.10 description VLAN10 Sub Interface encapsulation dot1Q 10 ip address 192.168.1.1 255.255.255.128!interface FastEthernet0/1.20 description VLAN20 Sub Interface encapsulation dot1Q 20 ip address 192.168.1.129 255.255.255.192!
Routing table on 1841:
[code]....
View 19 Replies
View Related
Mar 13, 2013
I dont understadn how this works but basically I have enabled dhcp or so I thought bu clients dont get a lease. The vlan does but clients connecting to the switchports attached to the vlan do not get a lease and cant connect to anything. If I static the ip or use my server to issue dhcp then it's fine still some issues since I am cluceless but I dont understand what I have to do to get dhcp to work on the fa0-3 ports.
Router#sh running-config
Building configuration...
Current configuration : 1015 bytes
!
[Code]......
View 2 Replies
View Related
May 12, 2013
I am a newbie to Cisco. I am trying to setup NAT with DHCP in our office on CISCO 819 router. I am having a problem with DHCP not assigning an IP on vlan1. I cannot figure out what i'm doing wrong. Below is my config and debug from DHCP.
router#sh config
Using 4328 out of 262136 bytes
!
! Last configuration change at 05:56:39 UTC Mon May 13 2013 by cisco
! NVRAM config last updated at 05:57:16 UTC Mon May 13 2013 by cisco
[Code]....
View 3 Replies
View Related
Jan 2, 2013
I have setup a 4500 series core/router.. the customer decided to run dhcp off the router for whatever reason... I have 20 different scopes handing out to their vlans. Does each vlan interface need an helper address?
vlan 1 on router is 10.85.0.1
i used the ip dhcp-server command pointed to 10.85.0.1
and then for ex.
int vlan 20
ip add 10.85.20.1 255.255.248.0
ip helper-address 10.85.0.1
i am now getting a loopback error on the router, and i believe this is the cause...
View 2 Replies
View Related
Feb 3, 2010
We've been mocking up a test lab to test VSS on two 6500's. Each 6500 has one sup720 and a 6708-10ge blade and we've established the two 10ge links between the two chassis; the first from the each chassis' sup and the second from each 6708.My question is, what happens when the supervisor fails on one of the chassis?
View 10 Replies
View Related
Aug 30, 2012
Just checking if any switch reset after one PS failure (configured in default redundant mode). No crash file has been generated. Switch is running IOS 12.2(44)SG and PWR-C45-1400AC. After the switch went online we found that PS1 has gone bad. Haven't found any bug in the tool kit. [code]
View 5 Replies
View Related
Jul 9, 2012
Is it possible to configure an 881 router to act as a DHCP server to 4 VLAN's each with a different scopes all through a single ethernet interface?
View 2 Replies
View Related
May 1, 2012
I am going to get some wyse thin clients up and running on our departments. Each department communicate with the main-office through Cisco C1812 routers.
In order to get functionally DHCP up and running, I need to
A - Configure some Dhcp options on the C1812 routers
B - Perform a DHCP relay from each department to the main-office
Option B will cause some additional issues, so is not preferred.
The question is: Does the Cisco DHCP-client have an option for configuring DHCP options? I need to put in among others, an option 161, a string value pointing to a ftp-server. Can this be done? And if it can, what is the right syntax
I have recently started working here, therefore I am not certain of the IOS-version on the router, as I still not have the logon-information, but I will aqquire this shortly.
View 4 Replies
View Related
May 2, 2012
i'm interested if it's possible to set the NTP server via DHCP on an 2901 Router with 15.2(2) image.
i configured the interface gigabit 0/0 as dhcp client. The DHCP Server sends to me DNS, Default GW and NTP. All is working fine, but the NTP will not be configured. i tried to add an DHCP option request, but there is no NTP (42) value. [code]
is there any way to add the value NTP (42) for the DHCP request or isnt it possible?
View 4 Replies
View Related
Jul 23, 2012
I have a cisco 3560 24PS and its connected to two ADSL broard band routers.one is a personal broadband line using a Billion ADSL broadband router, and the other is a business broardband line using BT's 2wire broadband line.on the Billion routers i have various things attached like a NAS and a printers, both wired connections. then i have laptops and phones that connect over wifi, so its configured to act as a DHCP server
the only thing conncted to my 2wire router is my company's laptop (wired or wifi depending on where i'm working from), so again i have it working as a dhcp server.The switch is configured with multiple vlans, with dhcp scopes assigned for each vlan.I have a static route pointing all traffic to my Billion ADSL for internet connectivity.
The problem i'm having is that when i turn on the cisco switch, all wifi conected devices loose their conection. only 2 things get it working again, a reboot of the router, or disabling then enabling the DHCP service on the router.upon further analysis i was able to find out that the devices were not able to pick up an address from the router. again i looked deeper into this and i can see the following on logs of my router: [code]
so it seems that the router tuns off its DHCP capabilities because it detects that my Cisco switch is running DHCP services. I need to figure out how to keep the billion routers DHCP running when ever the switch is turned on.is there a way of filtering out any DHCP chat from the switch to the router?
View 7 Replies
View Related
Mar 26, 2009
our backbone (6509) is connected to atm backbone (nortel passport) those are connected through giga Ethernet interface and running ospf in area 0. One week ago we lost the ip connectivity between those backbones, the interfaces were in up but the neighbor relation fail and it was kept in LOADING STATE, according we the logs the neighbor relation fail because a BAD LSA was received (error messages %OSPF-4-ERRRCV:Bad LSU adv and %OSPF-4-BADLSATYPE:Invalid lsa:Bad LSA chksum Type 5 were received during the outage)We check in cisco and this is quite normal behavior if we receive a bad LSA but the customer is asking why we have the same error message for long time and we didn't lost the neighbor relationship.
how many bad lsa we can receive before to lost the neighbor relationship.We receive two errors messages for bag lsa.. [code]
View 3 Replies
View Related
Jul 29, 2012
how can I show the DHCP-range of a router if I don't have privilege level? (not in enable-mode),I can do a "show ip dhcp pool" - this will show me the range which is configured with the network-command.But there are also some dhcp-exclude-addresses which I can't see.... (I did a test on a router with full privilege-access)I need this because I have a router with limited access from our provider.
View 0 Replies
View Related
Dec 11, 2012
I am running into a DHCP problem on a Cisco 891 running 15.0(1)M2. I am running DHCP on the router and want to reserve an address for a printer. I have done this hundreds of times on hundreds of routers. Per Cisco recommendation, I let the printer lease an address to see whether it uses it's "hardware-address" or "client-id". This printer uses the "hardware-address" format. The printer has leased 10.0.0.102 right off the bat. I want it at 10.0.0.50.
I have a DHCP pool, like this:
ip dhcp pool CLIENT
network 10.0.0.0 255.255.255.0
domain-name chsinc.ds
default-router 10.0.0.1
dns-server 10.0.0.1
lease 2
I create a "reservation" like so:
ip dhcp pool HP_LaserJet_Printer
host 10.0.0.50 255.255.255.0
hardware abcd.ef12.3456
Now I do a "show running-config" to see what I've put in and it looks just like above. Now we reset the network settings or change any network setting on the printer to force it to renew it's lease. What should happen and what usually happens is that the printer should request an IP, be offered 10.0.0.50, accept that IP and come up on that IP address. What is happening with this particular printer is that the printer requests a specific IP (the same IP that it had initially = 10.0.0.102), the router says OK and does not enforce the reservation. Then the router actually deletes the hardware-address config line right out of the running config. A "show running-config" shows that the reservation config now looks like this:
ip dhcp pool HP_LaserJet_Printer
host 10.0.0.50 255.255.255.0
See the logs below. Notice the ones in bold.
000226: Dec 12 17:34:01.382: DHCPD: Seeing if there is an internally specified pool class:
000227: Dec 12 17:34:01.382: DHCPD: htype 1 chaddr 101f.74b0.575c
000228: Dec 12 17:34:01.382: DHCPD: remote id 020a00000ae1e10100000001
000229: Dec 12 17:34:01.382: DHCPD: circuit id 00000000
[code]....
Is there a way to make the router enforce the reservation and not let clients just bring their own IP and actually make changes to the running-config of the router?
View 6 Replies
View Related
Jul 17, 2012
I have a Catalyst 4500 L3 Switch Software (cat4500e UNIVERSAL-M), Version 03.02.00.XO RELEASE SOFTWARE (fc2). So I just wanted to verify that the switch only does dot1q encapsulation because the switchport trunk encapsulation dot1q command does not work.
View 3 Replies
View Related
Sep 27, 2012
Looking for multicast over IRB interfaces. My full config below, works as expected on a Cisco 1760 router (IOS 12-4) but fails strangely on our Cisco 2800 (IOS 15-1) and Cisco 1941 G2 routers.
I use Windows 7 Enterprise and VLC 2.0.0 Two Flower as the multicast video receiver. On the 1760 router, I open VLC, request the video (rtp://@239.255.0.1:5004) and it plays flawlessly.
We have to upgrade the older outdated unsupported Cisco 1760 routers. We replace the Cisco 1760 router with a Cisco 1941 router. Configuration differs ONLY in the interface speeds; F0/0 to G0/0 and that is just bout it. Using the same Windows 7 Enterprise PC, I open VLC again and request the video -same as before; No video and no voice. We swap the 1941 out and put in the 1760 again, multicast works flawlessly. If we put the 1941 router back in, multicast fails again. We put the Cisco 2800 series router in and it also fails the same as the 1941 router.
Troubleshooting, I open VLC and request the same multicast video. On the same PC, I open Wireshark and start capturing packets, - and instantly the VLC video starts playing. I close Wireshark and the video stops. I open Wireshark and start capturing packets again and the VLC video starts playing again.
Wireshark shows the video packets are being received from the source when VLC is requesting the video. If I close VLC while Wireshark is capturing packets, Wireshark shows the video stream stops.
Shows the correct multicast sources, incoming and outgoing interface details
Incoming interface is Serial
Outgoing interface is BVI
Show ip pim rp
Reveals the correct RP details
[code]...
View 2 Replies
View Related
Jan 21, 2012
I am having issues with 'telnet' on port 2821 to a range of servers connecting through vlan interface from my core switch 6513 running s72033_rp-DVIPSERVICESK9_WAN-VM) version 12.2(33)SXH7, RELEASE SOFTWARE (fc3). The telnet on port 1556 and 13724 is ok.
View 1 Replies
View Related
Jan 16, 2008
I have this card installed onmy 3845 running version 12.4(18). But this card fails to show up.
here is what I found in a show tech.
WIC Slot 0:
Unknown WAN daughter card
WIC module not supported/disabled in this slot
Hardware Revision : 2.0
Top Assy. Part Number : 800-27738-02
Part Number : 73-10677-02
Board Revision : B0
Deviation Number : 0
Fab Version : 02
PCB Serial Number : FOC********
RMA Test History : 00
RMA Number : 0-0-0-0
RMA History : 00
Product (FRU) Number : HWIC-2FE
Version Identifier : V01
CLEI Code : COUIAFUCAA
Base MAC Address : 001a.6c70.260b
MAC Address block size : 2
Connector Type : 01
EEPROM format version 4
EEPROM contents (hex):(code)
View 4 Replies
View Related
Feb 28, 2012
I have a cisco 7606-S with dual RSP720-3CXL. Devices reloaded and now none of the RSPs are booting.When I have tried to take the console using only one RSP, card going to rommon mode after that it hangs. I guess its firmware is corrupted.
View 4 Replies
View Related
Jan 20, 2012
If it's possible, how do you protect/block a unauthorized DHCP SOHO router with NAT form a Cisco 3750?
View 16 Replies
View Related
Jan 30, 2011
I have a 3911 router with a 1242 AP. The problem that I have is that when the user is trying to connect, the user get the OS Ip address 169.254.168.154 and I see that when I do the "show dot11 association" command, but when I do sh ip dhcp binding on the router I see
172.19.9.141 0100.18de.74db.14 Jan 31 2011 11:14 AM Automatic
The router is seeing as if the router gave the ip address to the user, but the reality the user was assigne the OS ip address 169. I did "debug ip dhcp server events" and I got the following:
Jan 31 11:09:06.752 EST: DHCPD: Seeing if there is an internally specified pool class:Jan 31 11:09:06.756 EST: DHCPD: htype 1 chaddr 0100.18de.74db.14
Jan 31 11:09:06.756 EST: DHCPD: remote id 020a00000a58218400000000Jan 31
[Code].....
View 10 Replies
View Related
May 30, 2013
I have a sg200-18 connected via one of the ports to my ISP's router/modem. Using an unmanaged switch everything works as expected, but after a few days on my sg200 my two computers fail to get assigned IP's and cannot connect to anything. I also have a couple printers that seem to have no problems getting their IP's passed through to the router as I can use them fine from my machines when connected to the unmanaged switch.
Is there a possibility I don't have my switch setup properly to know that all outgoing data must go to the router, or UDP traffic is being dropped somehow?
View 7 Replies
View Related
Jan 9, 2012
I'm setting up a new 4900m running cat4500e-ipbase-mz.122-53.SG5.bin. I'm attempting to create Port-Channels as a Trunk for uplink to a 4503 running cat4500-ipbase-mz.122-37.SG1.bin.When I attempt the command "switchport trunk encapsulation dot1q" it errors out.
View 3 Replies
View Related
Apr 11, 2012
I have a Cisco 2960S stack and I'd like to tune the timers so that packet loss is minimal if a switch fails.To simulate a failed switch I have reloaded it while running a continuous ping to a management address on the stack's SVI: [code] As I see the same results when a ping is directed through the single switch (switched), and through the firewall (routed), I'm inclined to think that this is due to the stack failover timers on the Catalyst 2960S.Is it possible to change the stack failover timers (i.e hold down, failover etc), to speed up the failover process?
View 1 Replies
View Related
Nov 11, 2012
We have an SLM248G switch which seems to be giving a few problems. When attempting to access the switch, the admin page loads but after logging-in, the admin portal page does not load fully, see screenshot.
Even after a factory reset (reset button held), the issue continues. Is there any other workaround for completely resetting everything?
View 2 Replies
View Related
