[c-nsp] Embeded Packet Capture for DHCP Troubleshooting
Jeff Wojciechowski
Jeff.Wojciechowski at midlandpaper.com
Tue Sep 21 11:31:02 EDT 2010
Yessir - IPV4.
Basically the debugging on the router kept showing the IPV4 address being offered to the particular client over and over again - that's why I wanted the packet capture to dig into the issue a little deeper.
Thanks,
-Jeff
From: Heath Jones [mailto:hj1980 at gmail.com]
Sent: Tuesday, September 21, 2010 10:28 AM
To: Jeff Wojciechowski
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] Embeded Packet Capture for DHCP Troubleshooting
It's a L2 & L3 broadcast for requests, then unicast for replies. The clients will never have IP addresses before they get a lease from the DHCP server - that is what a DHCP lease is (on v4). Are you talking about IPv4?
So your saying that at some point in time the clients are issuing dhcp requests, but not seeing replies?
On 21 September 2010 16:23, Jeff Wojciechowski <Jeff.Wojciechowski at midlandpaper.com<mailto:Jeff.Wojciechowski at midlandpaper.com>> wrote:
2801 is doing dhcp - and I wanted to get a packet capture to see why 2 thin clients won't get dhcp leases successfully from the 2801 upon boot up (so before the client has an ip from dhcp - isn't the dhcp transaction all arp?)
Sent from Midland Paper Company's Blackberry Server
From: Heath Jones [mailto:hj1980 at gmail.com<mailto:hj1980 at gmail.com>]
Sent: Tuesday, September 21, 2010 10:12 AM
To: Jeff Wojciechowski
Cc: cisco-nsp at puck.nether.net<mailto:cisco-nsp at puck.nether.net> <cisco-nsp at puck.nether.net<mailto:cisco-nsp at puck.nether.net>>
Subject: Re: [c-nsp] Embeded Packet Capture for DHCP Troubleshooting
I just re-read and saw it was the 2601 as the dhcp server.
What problem are you trying to solve?
On 21 September 2010 16:10, Heath Jones <hj1980 at gmail.com<mailto:hj1980 at gmail.com>> wrote:
Hi Jeff - which device is performing the dhcp server function and what problem are you actually having?
On 21 September 2010 15:46, Jeff Wojciechowski <Jeff.Wojciechowski at midlandpaper.com<mailto:Jeff.Wojciechowski at midlandpaper.com>> wrote:
All:
I would like to use Embedded Packet Capture at a remote site to troubleshoot IOS DHCP at a remote site.
(referencing http://www.cisco.com/en/US/docs/ios/netmgmt/configuration/guide/nm_packet_capture_ps6441_TSD_Products_Configuration_Guide_Chapter.html#wp1060070)
The concept looks pretty straightforward but since DHCP negotiation isn't IP - I am having trouble with building the access list to determine what traffic to capture.
The device I would like to perform the capture on is a 2801 and that is the device serving DHCP to clients at that site.
Utilization on that router is pretty low so if I *had* to capture all traffic on F0/0 and dump it via TFTP to the fileserver at the site - I think that might be a viable option? But the fileserver is connected to the switch that connected to F0/0 that I want to perform the capture on.
Regular DHCP debugs only show that 2 devices are continually offered IPs but then apparently keep re-requesting them. (So maybe I am barking up the wrong tree here.)
Diagram:
WAN----Serial-2801-F0/0----Switch------DHCP Clients and Fileserver
Any and all hints would be greatly appreciated.
Thanks much,
Jeff Wojciechowski
LAN, WAN and Telephony Administrator
Midland Paper Company
101 E Palatine Rd
Wheeling, IL 60090
* tel: 847.777.2829
* fax: 847.403.6829
e-mail: jeff.wojciechowski at midlandpaper.com<mailto:jeff.wojciechowski at midlandpaper.com><mailto:jeff.wojciechowski at midlandpaper.com<mailto:jeff.wojciechowski at midlandpaper.com>>
http://www.midlandpaper.com<http://www.midlandpaper.com/>
________________________________
This electronic mail (including any attachments) may contain information that is privileged, confidential, or otherwise protected from disclosure to anyone other than its intended recipient(s). Any dissemination or use of this electronic mail or its contents (including any attachments) by persons other than the intended recipient(s) is strictly prohibited. If you have received this message in error, please delete the original message in its entirety (including any attachments) and notify us immediately by reply email so that we may correct our internal records. Midland Paper Company accepts no responsibility for any loss or damage from use of this electronic mail, including any damage resulting from a computer virus.
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net<mailto:cisco-nsp at puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
________________________________
This electronic mail (including any attachments) may contain information that is privileged, confidential, or otherwise protected from disclosure to anyone other than its intended recipient(s). Any dissemination or use of this electronic mail or its contents (including any attachments) by persons other than the intended recipient(s) is strictly prohibited. If you have received this message in error, please delete the original message in its entirety (including any attachments) and notify us immediately by reply email so that we may correct our internal records. Midland Paper Company accepts no responsibility for any loss or damage from use of this electronic mail, including any damage resulting from a computer virus.
________________________________
This electronic mail (including any attachments) may contain information that is privileged, confidential, or otherwise protected from disclosure to anyone other than its intended recipient(s). Any dissemination or use of this electronic mail or its contents (including any attachments) by persons other than the intended recipient(s) is strictly prohibited. If you have received this message in error, please delete the original message in its entirety (including any attachments) and notify us immediately by reply email so that we may correct our internal records. Midland Paper Company accepts no responsibility for any loss or damage from use of this electronic mail, including any damage resulting from a computer virus.
More information about the cisco-nsp
mailing list