[c-nsp] DHCP Relay breaks after some time on Cat 3750X
Markus Hauschild
hauschild.markus at gmail.com
Thu Aug 27 07:08:42 EDT 2015
I forgot to attach the config file.
On Thu, Aug 27, 2015 at 1:06 PM, Markus Hauschild
<hauschild.markus at gmail.com> wrote:
> Hi,
>
> I have a weird problem with DHCP relay on a Cat 3750X:
>
>
> Configuration is as follows (full config w/o passwords in attachment):
>
> Two "ip helper-address <ip>" statements (one for each server) are set
> on each vlan interface where I want to have DHCP relay.
>
>
> After I boot the switch DHCPDISCOVER broadcasts from clients are
> properly forwarded to both DHCP servers (example output taken from the
> first one):
>
> Aug 26 17:49:57 aveta dhcpd: DHCPDISCOVER from 60:57:18:x:y:z via 172.23.4.254
> Aug 26 17:49:58 aveta dhcpd: DHCPOFFER on 172.23.4.240 to
> 60:57:18:x:y:z ($hostname) via 172.23.4.254
> Aug 26 17:49:58 aveta dhcpd: DHCPREQUEST for 172.23.4.240 (172.23.2.1)
> from 60:57:18:x:y:z ($hostname) via 172.23.4.254
> Aug 26 17:49:58 aveta dhcpd: DHCPACK on 172.23.4.240 to 60:57:18:x:y:z
> ($hostname) via 172.23.4.254
>
> Yet after a while DHCPDISCOVER broadcasts are no longer forwarded to
> any DHCP server, only unicast (e.g. DHCPREQUEST) still works.
>
> I had a similar config running for months (obviously a few times
> port/vlan assignments changed, I migrated from OSPF+OSPFv3 to OSPFv3
> only ...) until I had this problem occur for the first time.
>
> The current situation is that DHCP relay works for a certain period of
> time (hours to days) after a cold boot until all DHCP broadcasts are
> silently discarded again.
>
> I do see the broadcasts on wireshark in the same VLAN, I don't see any
> DHCPDISCOVER on the server with tcpdump.
>
>
> I tried debug ip dhcp server packet but couldn't find anything
> helpful. Any ideas what to further debug/look into? Anything wrong
> with the config? Possible Hardware problem?
>
>
> Greetings,
> Markus
-------------- next part --------------
!
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service unsupported-transceiver
!
hostname core
!
boot-start-marker
boot-end-marker
!
logging buffered 32768
enable secret XXXX
!
username root privilege 15 secret XXXX
no aaa new-model
clock timezone CET 1 0
clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00
switch 1 provision ws-c3750x-48p
system mtu routing 1500
ip routing
!
!
no ip domain-lookup
ip domain-name local
ip device tracking
ip igmp snooping querier
ipv6 unicast-routing
vtp mode off
!
!
!
!
!
!
!
spanning-tree mode rapid-pvst
spanning-tree portfast default
spanning-tree extend system-id
!
!
!
!
!
!
!
!
!
vlan internal allocation policy ascending
!
vlan 2300
name Management
!
vlan 2301
name Internal Services
!
vlan 2302
name Public Services
!
vlan 2303
name Members
!
vlan 2304
name Guests
!
ip ssh authentication-retries 2
lldp run
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 172.23.99.1 255.255.255.255
ipv6 enable
ospfv3 1 ipv4 area 0
!
interface FastEthernet0
no ip address
no ip route-cache
shutdown
!
interface GigabitEthernet1/0/1
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/2
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/3
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/4
description Server X
switchport access vlan 2302
power inline never
!
interface GigabitEthernet1/0/5
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/6
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/7
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/8
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/9
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/10
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/11
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/12
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/13
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/14
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/15
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/16
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/17
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/18
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/19
description User Port EG/09
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/20
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/21
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/22
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/23
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/24
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/25
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/26
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/27
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/28
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/29
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/30
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/31
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/32
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/33
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/34
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/35
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/36
description User Port
switchport access vlan 2304
power inline never
!
interface GigabitEthernet1/0/37
description Access Point
switchport trunk encapsulation dot1q
switchport trunk native vlan 2300
switchport mode trunk
power inline port priority high
!
interface GigabitEthernet1/0/38
description Access Point
switchport trunk encapsulation dot1q
switchport trunk native vlan 2300
switchport mode trunk
power inline port priority high
!
interface GigabitEthernet1/0/39
description Access Point
switchport trunk encapsulation dot1q
switchport trunk native vlan 2300
switchport mode trunk
power inline port priority high
!
interface GigabitEthernet1/0/40
description Access Point
switchport trunk encapsulation dot1q
switchport trunk native vlan 2300
switchport mode trunk
power inline port priority high
!
interface GigabitEthernet1/0/41
description Server Y
switchport trunk encapsulation dot1q
switchport trunk native vlan 2300
switchport mode trunk
!
interface GigabitEthernet1/0/42
description BMC Y
switchport access vlan 2300
!
interface GigabitEthernet1/0/43
description RPi A
switchport access vlan 2302
!
interface GigabitEthernet1/0/44
description RPi B
switchport access vlan 2302
!
interface GigabitEthernet1/0/45
description RPi C
switchport access vlan 2302
!
interface GigabitEthernet1/0/46
description APC USV
switchport access vlan 2301
!
interface GigabitEthernet1/0/47
description Reserved
shutdown
!
interface GigabitEthernet1/0/48
description To rtr1
no switchport
ip address 172.23.96.2 255.255.255.252
ipv6 address 2003:80:XXXX:XX96::2/64
ipv6 enable
ospfv3 1 network point-to-point
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
!
interface GigabitEthernet1/1/1
!
interface GigabitEthernet1/1/2
!
interface GigabitEthernet1/1/3
!
interface GigabitEthernet1/1/4
!
interface TenGigabitEthernet1/1/1
!
interface TenGigabitEthernet1/1/2
!
interface Vlan1
no ip address
!
interface Vlan2300
description Management
ip address 172.23.0.254 255.255.255.0
ipv6 enable
ospfv3 1 ipv4 area 0
!
interface Vlan2301
description Internal Services
ip address 172.23.1.254 255.255.255.0
ip helper-address 172.23.2.1
ip helper-address 172.23.2.2
ipv6 enable
ospfv3 1 ipv4 area 0
!
interface Vlan2302
description Public Services
ip address 172.23.2.254 255.255.255.0
ip helper-address 172.23.2.1
ip helper-address 172.23.2.2
ipv6 enable
ospfv3 1 ipv4 area 0
!
interface Vlan2303
description Members
ip address 172.23.3.254 255.255.255.0
ip helper-address 172.23.2.1
ip helper-address 172.23.2.2
ipv6 address 2003:80:XXXX:XX03::1/64
ipv6 enable
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
!
interface Vlan2304
description Guests
ip address 172.23.4.254 255.255.255.0
ip helper-address 172.23.2.1
ip helper-address 172.23.2.2
ipv6 address 2003:80:XXXX:XX04::1/64
ipv6 enable
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
!
router ospfv3 1
router-id 172.23.99.1
!
address-family ipv4 unicast
passive-interface default
no passive-interface GigabitEthernet1/0/48
exit-address-family
!
address-family ipv6 unicast
passive-interface default
no passive-interface GigabitEthernet1/0/48
exit-address-family
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
ip route 192.168.0.0 255.255.0.0 Null0
!
ip access-list standard ACL_SNMP
permit 172.23.2.5
!
!
logging source-interface Loopback0
logging host 172.23.2.5
access-list 111 permit udp any any eq bootpc
access-list 111 permit udp any any eq bootps
access-list 111 deny ip any any
!
snmp-server community public RO ACL_SNMP
snmp ifmib ifindex persist
!
!
line con 0
line vty 0 4
login local
transport input ssh
line vty 5 15
login local
transport input ssh
!
ntp server 172.23.0.81
end
More information about the cisco-nsp
mailing list