stephenmiller
asked on
Troubleshooting DHCP flow on Cisco Switches
Hello,
I have an issue with wireless access points not obtaining a DHCP address. One switch is working fine, the other switch seems to not be allowing DHCP. The two switches have the same VLANs activated. Switch ports where wireless AP's are attached are configured identical on both switches.
I am looking for suggestions to troubleshoot the flow of DHCP on the problematic switch
10.150.50.220 -- DHCP to wireless is working as intended.
10.150.50.219 -- Wireless AP's can't get a DHCP lease.
Trace route from both switches to the DHCP server returns successful following the same route on each.
Any suggestions are greatly appreciated.
I have an issue with wireless access points not obtaining a DHCP address. One switch is working fine, the other switch seems to not be allowing DHCP. The two switches have the same VLANs activated. Switch ports where wireless AP's are attached are configured identical on both switches.
I am looking for suggestions to troubleshoot the flow of DHCP on the problematic switch
10.150.50.220 -- DHCP to wireless is working as intended.
10.150.50.219 -- Wireless AP's can't get a DHCP lease.
Trace route from both switches to the DHCP server returns successful following the same route on each.
Any suggestions are greatly appreciated.
Can you post a (sanitised) config for the switches and the APs please?
ASKER
Config for the switch that works:
Config for the switch that is not working:
Building configuration...
Current configuration : 5547 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname POE-1
!
boot-start-marker
boot-end-marker
!
enable secret 5
!
username
!
!
no aaa new-model
system mtu routing 1500
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet0/1
switchport access vlan 15
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/2
switchport access vlan 15
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/3
switchport access vlan 15
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/4
switchport access vlan 15
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/5
switchport access vlan 15
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/6
switchport access vlan 15
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/7
description Wireless AP
switchport access vlan 60
switchport trunk native vlan 60
switchport trunk allowed vlan 15,30,40,50,60
switchport mode trunk
spanning-tree portfast
!
interface FastEthernet0/8
description Wireless AP
switchport access vlan 60
switchport trunk native vlan 60
switchport trunk allowed vlan 15,30,40,50,60
switchport mode trunk
spanning-tree portfast
!
interface FastEthernet0/9
switchport access vlan 15
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/10
switchport access vlan 15
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/11
switchport access vlan 15
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/12
switchport access vlan 15
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/13
switchport access vlan 15
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/14
switchport access vlan 15
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/15
switchport access vlan 15
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/16
switchport access vlan 15
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/17
switchport access vlan 15
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/18
switchport access vlan 15
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/19
switchport access vlan 15
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/20
switchport access vlan 15
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/21
switchport access vlan 15
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/22
switchport access vlan 15
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/23
switchport access vlan 15
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/24
switchport access vlan 15
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet0/1
switchport mode trunk
!
interface GigabitEthernet0/2
switchport mode trunk
!
interface Vlan1
no ip address
shutdown
!
interface Vlan50
ip address 10.150.50.220 255.255.255.0
!
ip default-gateway 10.150.50.254
ip http server
ip http secure-server
Config for the switch that is not working:
version 12.2
no service pad
service tcp-keepalives-in
service timestamps debug datetime localtime show-timezone
service timestamps log datetime localtime show-timezone
service password-encryption
!
hostname PoE-2
!
boot-start-marker
boot-end-marker
!
logging buffered 5000
logging console warnings
enable secret 5
!
username
no aaa new-model
system mtu routing 1500
ip subnet-zero
no ip source-route
no ip gratuitous-arps
!
no ip domain-lookup
login block-for 30 attempts 3 within 100
login delay 2
login on-failure log
!
mls qos map policed-dscp 24 26 46 to 0
mls qos map cos-dscp 0 8 16 24 32 46 48 56
mls qos srr-queue input bandwidth 90 10
mls qos srr-queue input threshold 1 8 16
mls qos srr-queue input threshold 2 34 66
mls qos srr-queue input buffers 67 33
mls qos srr-queue input cos-map queue 1 threshold 2 1
mls qos srr-queue input cos-map queue 1 threshold 3 0
mls qos srr-queue input cos-map queue 2 threshold 1 2
mls qos srr-queue input cos-map queue 2 threshold 2 4 6 7
mls qos srr-queue input cos-map queue 2 threshold 3 3 5
mls qos srr-queue input dscp-map queue 1 threshold 2 9 10 11 12 13 14 15
mls qos srr-queue input dscp-map queue 1 threshold 3 0 1 2 3 4 5 6 7
mls qos srr-queue input dscp-map queue 1 threshold 3 32
mls qos srr-queue input dscp-map queue 2 threshold 1 16 17 18 19 20 21 22 23
mls qos srr-queue input dscp-map queue 2 threshold 2 33 34 35 36 37 38 39 48
mls qos srr-queue input dscp-map queue 2 threshold 2 49 50 51 52 53 54 55 56
mls qos srr-queue input dscp-map queue 2 threshold 2 57 58 59 60 61 62 63
mls qos srr-queue input dscp-map queue 2 threshold 3 24 25 26 27 28 29 30 31
mls qos srr-queue input dscp-map queue 2 threshold 3 40 41 42 43 44 45 46 47
mls qos srr-queue output cos-map queue 1 threshold 3 5
mls qos srr-queue output cos-map queue 2 threshold 3 3 6 7
mls qos srr-queue output cos-map queue 3 threshold 3 2 4
mls qos srr-queue output cos-map queue 4 threshold 2 1
mls qos srr-queue output cos-map queue 4 threshold 3 0
mls qos srr-queue output dscp-map queue 1 threshold 3 40 41 42 43 44 45 46 47
mls qos srr-queue output dscp-map queue 2 threshold 3 24 25 26 27 28 29 30 31
mls qos srr-queue output dscp-map queue 2 threshold 3 48 49 50 51 52 53 54 55
mls qos srr-queue output dscp-map queue 2 threshold 3 56 57 58 59 60 61 62 63
mls qos srr-queue output dscp-map queue 3 threshold 3 16 17 18 19 20 21 22 23
mls qos srr-queue output dscp-map queue 3 threshold 3 32 33 34 35 36 37 38 39
mls qos srr-queue output dscp-map queue 4 threshold 1 8
mls qos srr-queue output dscp-map queue 4 threshold 2 9 10 11 12 13 14 15
mls qos srr-queue output dscp-map queue 4 threshold 3 0 1 2 3 4 5 6 7
mls qos queue-set output 1 threshold 1 138 138 92 138
mls qos queue-set output 1 threshold 2 138 138 92 400
mls qos queue-set output 1 threshold 3 36 77 100 318
mls qos queue-set output 1 threshold 4 20 50 67 400
mls qos queue-set output 2 threshold 1 149 149 100 149
mls qos queue-set output 2 threshold 2 118 118 100 235
mls qos queue-set output 2 threshold 3 41 68 100 272
mls qos queue-set output 2 threshold 4 42 72 100 242
mls qos queue-set output 1 buffers 10 10 26 54
mls qos queue-set output 2 buffers 16 6 17 61
mls qos
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
class-map match-all AutoQoS-VoIP-RTP-Trust
match ip dscp ef
class-map match-all AutoQoS-VoIP-Control-Trust
match ip dscp cs3 af31
!
!
policy-map AutoQoS-Police-CiscoPhone
class AutoQoS-VoIP-RTP-Trust
set dscp ef
police 1000000 8000 exceed-action policed-dscp-transmit
class AutoQoS-VoIP-Control-Trust
set dscp cs3
police 1000000 8000 exceed-action policed-dscp-transmit
!
!
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
description Wireless AP
switchport access vlan 60
switchport trunk native vlan 60
switchport trunk allowed vlan 15,30,40,50,60
switchport mode trunk
spanning-tree portfast
!
interface FastEthernet0/16
description Wireless AP
switchport access vlan 60
switchport trunk native vlan 60
switchport trunk allowed vlan 15,30,40,50,60
switchport mode trunk
spanning-tree portfast
!
interface FastEthernet0/17
description Wireless AP
switchport access vlan 60
switchport trunk native vlan 60
switchport trunk allowed vlan 15,30,40,50,60
switchport mode trunk
spanning-tree portfast
!
interface FastEthernet0/18
switchport access vlan 15
spanning-tree portfast
!
interface FastEthernet0/19
switchport access vlan 15
spanning-tree portfast
!
interface FastEthernet0/20
description Wireless AP
switchport access vlan 60
switchport trunk native vlan 60
switchport trunk allowed vlan 15,30,40,50,60
switchport mode trunk
spanning-tree portfast
!
interface FastEthernet0/21
switchport access vlan 15
spanning-tree portfast
!
interface FastEthernet0/22
switchport access vlan 15
spanning-tree portfast
!
interface FastEthernet0/23
switchport access vlan 15
spanning-tree portfast
!
interface FastEthernet0/24
switchport access vlan 15
spanning-tree portfast
!
interface GigabitEthernet0/1
switchport mode trunk
srr-queue bandwidth share 10 10 60 20
queue-set 2
priority-queue out
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
service-policy input AutoQoS-Police-CiscoPhone
!
interface GigabitEthernet0/2
switchport mode trunk
srr-queue bandwidth share 10 10 60 20
queue-set 2
priority-queue out
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
service-policy input AutoQoS-Police-CiscoPhone
!
interface Vlan1
no ip address
no ip route-cache
shutdown
!
interface Vlan50
ip address 10.150.50.219 255.255.255.0
no ip route-cache
!
interface Vlan15
ip address 10.150.15.219 255.255.255.0
no ip route-cache
!
ip default-gateway 10.150.50.254
no ip http server
no ip http secure-server
!
Int vlan50 and int vlan15 cannot have the same IP Address. Change the IP address on vlan 15 to something else and things should work.
ASKER
int vlan 15 is 10.150.15.219
int vlan 50 is 10.150.50.219
int vlan 50 is 10.150.50.219
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
the VLAN routing is happening on a core switch. Some additional info, when the access points were set to access vlan 15, they got DHCP on the 15 scope. We needed to move them to access vlan 60 to get IP on the 60 scope which has option 43 specific to the AP's.
Have you checked the logs on the DHCP server? Also run the debug dhcp detail command on the core and access switch and see if there are any abnormalities.
ASKER
The problematic switches were connected to their core via a trunk port, that trunk port on the core was not configured to allow vlan 50.