usslindstrom
asked on
1841 DHCP Service not working
**This is not a Linux zone question** Mistakingly put it there.
Experts,
Hit another stump. I'm trying to get the DHCP service running on my 1841.
Unfortunately, it's only receiving the requests, and not responding at all.
-------------------
Message Received
BOOTREQUEST 0
DHCPDISCOVER 13
DHCPREQUEST 1
DHCPDECLINE 0
DHCPRELEASE 0
DHCPINFORM 6
-------------------
Here's the current config for DHCP:
no ip dhcp use vrf connected
ip dhcp excluded-address 10.0.208.1 10.0.208.50
!
ip dhcp pool *****_LocalNetwork
network 10.0.208.0 255.255.254.0
domain-name *****
dns-server ***** *****
netbios-name-server ***** *****
default-router 10.0.208.1
lease 0 8
interface FastEthernet0/0
description *****
ip address 10.0.208.1 255.255.254.0
ip nat inside
ip virtual-reassembly
speed 100
full-duplex
----------
What am I doing wrong?
I have entered the "service dhcp" command - but I'm not seeing it my running config. That may be the issue.
Experts,
Hit another stump. I'm trying to get the DHCP service running on my 1841.
Unfortunately, it's only receiving the requests, and not responding at all.
-------------------
Message Received
BOOTREQUEST 0
DHCPDISCOVER 13
DHCPREQUEST 1
DHCPDECLINE 0
DHCPRELEASE 0
DHCPINFORM 6
-------------------
Here's the current config for DHCP:
no ip dhcp use vrf connected
ip dhcp excluded-address 10.0.208.1 10.0.208.50
!
ip dhcp pool *****_LocalNetwork
network 10.0.208.0 255.255.254.0
domain-name *****
dns-server ***** *****
netbios-name-server ***** *****
default-router 10.0.208.1
lease 0 8
interface FastEthernet0/0
description *****
ip address 10.0.208.1 255.255.254.0
ip nat inside
ip virtual-reassembly
speed 100
full-duplex
----------
What am I doing wrong?
I have entered the "service dhcp" command - but I'm not seeing it my running config. That may be the issue.
A broadcast sent to a subnet in the form 10.1.1.255 is a subnet broadcast if the subnet mask is 255.255.255.0.
from here:
http://www.comptechdoc.org/independent/networking/guide/netbroadcasting.html
from here:
http://www.comptechdoc.org/independent/networking/guide/netbroadcasting.html
ASKER
Na - I'm running /23 subnets.
the 10.0.208.0/23 subnet encompasses both 10.0.208.0 through 10.0.209.255
10.0.209.255 is the broadcast address for that network.
the 10.0.208.0/23 subnet encompasses both 10.0.208.0 through 10.0.209.255
10.0.209.255 is the broadcast address for that network.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for all the help so far guys. I really appreciate it.
Here's a copy (pasted in the code block below) of the current scrubbed running config with the "all" modifier. Unfortunately, I'm still not seeing "service DHCP"
:-------------------
Lemme' answer everybody in order here:
Hodepine: - Yeah, I put the "service dchp" command into the router, but I'm not seeing it in my running config. I believe this is the problem all together, but I'm not sure.
lanboyo: - I do infact have an excluded range. 10.0.208.1 - 10.0.208.50
Here's the whole dchp status output from the 1841 currently:
Memory usage 24164
Address pools 1
Database agents 0
Automatic bindings 0
Manual bindings 0
Expired bindings 2
Malformed messages 0
Secure arp entries 0
Message Received
BOOTREQUEST 0
DHCPDISCOVER 17
DHCPREQUEST 3
DHCPDECLINE 0
DHCPRELEASE 0
DHCPINFORM 20
Message Sent
BOOTREPLY 0
DHCPOFFER 4
DHCPACK 0
DHCPNAK 0
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.0.208.1 - 001e.1369.46e0 ARPA FastEthernet0/0
Internet 10.0.208.9 1 0003.ffe7.4fd2 ARPA FastEthernet0/0
Internet 10.0.208.10 0 0014.0b65.837e ARPA FastEthernet0/0
Internet 192.168.0.1 0 0090.cc88.a2b7 ARPA FastEthernet0/1
Internet 192.168.0.2 - 001e.1369.46e1 ARPA FastEthernet0/1
***The .9 and .10 are machines that I've set statically, to configure the router***
I'm about ready to drop kick the router. :0
Thanks for all the suggestions so far, please keep them coming.
Here's a copy (pasted in the code block below) of the current scrubbed running config with the "all" modifier. Unfortunately, I'm still not seeing "service DHCP"
:-------------------
Lemme' answer everybody in order here:
Hodepine: - Yeah, I put the "service dchp" command into the router, but I'm not seeing it in my running config. I believe this is the problem all together, but I'm not sure.
lanboyo: - I do infact have an excluded range. 10.0.208.1 - 10.0.208.50
Here's the whole dchp status output from the 1841 currently:
Memory usage 24164
Address pools 1
Database agents 0
Automatic bindings 0
Manual bindings 0
Expired bindings 2
Malformed messages 0
Secure arp entries 0
Message Received
BOOTREQUEST 0
DHCPDISCOVER 17
DHCPREQUEST 3
DHCPDECLINE 0
DHCPRELEASE 0
DHCPINFORM 20
Message Sent
BOOTREPLY 0
DHCPOFFER 4
DHCPACK 0
DHCPNAK 0
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.0.208.1 - 001e.1369.46e0 ARPA FastEthernet0/0
Internet 10.0.208.9 1 0003.ffe7.4fd2 ARPA FastEthernet0/0
Internet 10.0.208.10 0 0014.0b65.837e ARPA FastEthernet0/0
Internet 192.168.0.1 0 0090.cc88.a2b7 ARPA FastEthernet0/1
Internet 192.168.0.2 - 001e.1369.46e1 ARPA FastEthernet0/1
***The .9 and .10 are machines that I've set statically, to configure the router***
I'm about ready to drop kick the router. :0
Thanks for all the suggestions so far, please keep them coming.
Current configuration with default configurations exposed : 5669 bytes
!
version 12.4
parser cache
no service log backtrace
no service config
no service exec-callback
no service nagle
service slave-log
no service slave-coredump
no service pad to-xot
no service pad from-xot
no service pad cmns
service pad
no service telnet-zeroidle
no service tcp-keepalives-in
no service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
no service exec-wait
no service linenumber
no service internal
no service compress-config
service prompt config
no service old-slip-prompts
no service pt-vty-logging
no service disable-ip-fast-frag
no service sequence-numbers
!
hostname *****
!
boot-start-marker
boot-end-marker
!
enable secret *****
!
aaa new-model
!
!
aaa group server radius *****_DC
server ***** auth-port 1645 acct-port 1646
server ***** auth-port 1645 acct-port 1646
!
aaa group server radius *****_DC
server ***** auth-port 1645 acct-port 1646
server ***** auth-port 1645 acct-port 1646
!
aaa group server radius *****DC
server ***** auth-port 1645 acct-port 1646
server ***** auth-port 1645 acct-port 1646
!
aaa authentication login *****_Access group *****_DC local
!
!
aaa session-id common
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.0.208.1 10.0.208.50
!
ip dhcp pool *****_LocalNetwork
network 10.0.208.0 255.255.254.0
domain-name *****.com
dns-server ***** *****
netbios-name-server ***** *****
default-router 10.0.208.1
lease 0 8
!
!
ip domain list *****.com
ip domain name *****.com
ip name-server *****
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
multilink bundle-name authenticated
!
!
!
!
username ***** privilege 15 secret *****
username ***** privilege 15 secret *****
archive
log config
no record rc
no logging enable
logging size 100
no notify syslog contenttype plaintext
no notify syslog contenttype xml
hidekeys
no path
no rollback filter adaptive
rollback retry timeout 0
!
!
crypto isakmp policy 1
encr aes 256
hash md5
authentication pre-share
group 2
crypto isakmp key ***** address *****
!
crypto ipsec security-association lifetime seconds 86400
!
crypto ipsec transform-set ESP-AES esp-aes 256
!
crypto map *****_VPNMap 1 ipsec-isakmp
set peer *****
set transform-set ESP-AES
set pfs group2
match address *****_VPNTraffic
!
!
!
bridge irb
!
!
!
interface FastEthernet0/0
description *****
ip address 10.0.208.1 255.255.254.0
ip nat inside
ip virtual-reassembly
speed 100
full-duplex
!
interface FastEthernet0/1
ip address ***** *****
ip nat outside
ip virtual-reassembly
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 *****
speed 100
full-duplex
crypto map *****_VPNMap
!
interface ATM0/0/0
no ip address
no ip route-cache cef
no ip route-cache
shutdown
no atm ilmi-keepalive
dsl operating-mode auto
!
router ospf 1
router-id 10.0.208.1
log-adjacency-changes
redistribute rip
network 10.0.208.0 0.0.1.255 area 10.0.208.0
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 *****
!
!
ip http server
no ip http secure-server
ip dns server
ip nat inside source list *****_NAT interface FastEthernet0/1 overload
!
ip access-list extended *****_NAT
deny ip 10.0.0.0 0.0.255.255 10.0.0.0 0.0.255.255
permit ip 10.0.0.0 0.0.255.255 any
ip access-list extended USSID1841A_VPNTraffic
permit ip 10.0.208.0 0.0.1.255 10.0.0.0 0.0.15.255
permit ip 10.0.208.0 0.0.1.255 10.0.224.0 0.0.15.255
!
!
!
!
!
!
radius-server host ***** auth-port 1645 acct-port 1646 key *****
radius-server host ***** auth-port 1645 acct-port 1646 key *****
radius-server host ***** auth-port 1645 acct-port 1646 key *****
radius-server host ***** auth-port 1645 acct-port 1646 key *****
radius-server host ***** auth-port 1645 acct-port 1646 key *****
radius-server host ***** auth-port 1645 acct-port 1646 key *****
!
control-plane
!
!
banner motd ^C
*************************************************************
************ Unauthorized Access is Prohibited ************
*************************************************************
Access to this system is for the use of authorized
personel only.
You are hereby advised that all actions performed are
subject to monitoring and are being recorded. In the
event of any possible criminal activity, evidence will
be turned over to proper Law Enforcement personnel,
and offenders will be prosecuted!
You have accessed: $(hostname).$(domain)
*************************************************************
************ Unauthorized Access is Prohibited ************
*************************************************************
^C
alias exec h help
alias exec lo logout
alias exec p ping
alias exec r resume
alias exec s show
alias exec u undebug
alias exec un undebug
alias exec w where
default-value exec-character-bits 7
default-value special-character-bits 7
default-value data-character-bits 8
!
line con 0
privilege level 15
logging synchronous
login authentication *****_Access
line aux 0
logging synchronous
login authentication *****_Access
line vty 0 4
logging synchronous
login authentication *****_Access
line vty 5 807
logging synchronous
login authentication *****_Access
!
scheduler allocate 20000 1000
end
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Ok on the debugs. Thanks for the suggestion guys. I'll run through it here in a sec.
For the question about config on the switch... the 1841 is only connected to a l2 unmanaged... I'll keep truckin' through this...
For the question about config on the switch... the 1841 is only connected to a l2 unmanaged... I'll keep truckin' through this...
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks everyone for the assistance here.
After debugging and not seeing anything that I was wanting to, I was about 10 seconds from just completely dropping the router out the window - it started working after another restart.
It's working exactly like it's supposed to be.
I have a feeling that it's related to my other issue I recently posted on EE regarding a tunnel interface. On the DHCP scope in question, I have it giving the clients a DNS server that's on the other side of the tunnel. As the tunnel wasn't up, I think this is what was making the 1841 not send the DHCP info.
Interesting in any case.
Thanks for the help guys.
After debugging and not seeing anything that I was wanting to, I was about 10 seconds from just completely dropping the router out the window - it started working after another restart.
It's working exactly like it's supposed to be.
I have a feeling that it's related to my other issue I recently posted on EE regarding a tunnel interface. On the DHCP scope in question, I have it giving the clients a DNS server that's on the other side of the tunnel. As the tunnel wasn't up, I think this is what was making the 1841 not send the DHCP info.
Interesting in any case.
Thanks for the help guys.
network 10.0.208.0 255.255.255.0
I'd have thought the DHCP server would be deaf with 254
(linux is not my field)
Anthony