[cisco-bba] External DHCP server doesn't work well for PPPoX customer on Cisco 7206VXR when DHCP address pool constrained

Frank Bulk frnkblk at iname.com
Wed Oct 17 23:55:40 EDT 2007


It's the third time this has happened to me, so perhaps someone has heard of
this before.

When our DHCP pool (on an external DHCP server) gets close to 90% we start
encountering IP address conflicts on our BRAS (Cisco 7206VXR) and PPPoA
clients start failing.  Because I use the "ppp ipcp unique-address" in my
Virtual-Template I never can have two of the same IP addresses at the same
time.  

The external DHCP server starts handing out IP addresses to PPPoA clients
even though those IP addresses are still active on the BRAS.  The obvious
question is why the DHCP server is doing that, and I believe it's because it
thinks the previous lease had expired.  If I look at the dhcpd.leases file,
almost every time I've checked it's past the 3 day default least time.  The
DHCP server is only using recently "expired" IP addresses because the
selection of free IP addresses is so limited.  Normally it would use an IP
address that had been expired a log time ago, or an IP that has never been
used.  

Is it possible that some PPPoA clients aren't renewing (via IPCP) as they
ought to?  Or is that the BRAS' responsibility to manage that DHCP renewal?
My default lease time is 3 days, and maximum lease time is 6 days.  Is it
possible that some PPPoA, or the BRAS, is taking advantage of the maximum
lease time and not renewing until 6 days, while the DHCP server will reuse,
in scarce conditions, those lease that are more than 3 days?  Should I be
setting my maximum lease time equivalent to default lease time?

Here's some example output from "show dhcp lease"

Temp IP addr: 66.43.x.y  for peer on Interface: Virtual-Access1571
Temp  sub net mask: 255.255.255.0
   DHCP Lease server: a.b.c.d, state: 3 Bound
   DHCP transaction id: D98BA
   Lease: 259200 secs,  Renewal: 129600 secs,  Rebind: 226800 secs
   Next timer fires after: 1d11h
   Retry count: 0   Client-ID: bviper

The way we temporarily work around this is to identify what IP address the
failing client wants, and then find the live client that is using that IP
address and clearing out it's Virtual-Interface, allowing the failing client
to get in.  The live client then reconnects within a few seconds and gets a
different IP from the DHCP server.  What's challenging is that this can be
recursive, up to a dozen times, until all the discrepancies are worked out.
Long term we get more IPs which gives the external DHCP server a larger
selection which means it doesn't have to use recently "expired" leases.

I'm running c7200-is-mz.122-26.bin.

Kind regards,

Frank



More information about the cisco-bba mailing list