Link to home
Create AccountLog in
Avatar of stephenmiller
stephenmillerFlag for United States of America

asked on

Troubleshooting DHCP flow on Cisco Switches

Hello,

I have an issue with wireless access points not obtaining a DHCP address.  One switch is working fine, the other switch seems to not be allowing DHCP.  The two switches have the same VLANs activated.  Switch ports where wireless AP's are attached are configured identical on both switches.

I am looking for suggestions to troubleshoot the flow of DHCP on the problematic switch

10.150.50.220 -- DHCP to wireless is working as intended.

10.150.50.219 -- Wireless AP's can't get a DHCP lease.

Trace route from both switches to the DHCP server returns successful following the same route on each.

Any suggestions are greatly appreciated.
Avatar of btassure
btassure
Flag of United Kingdom of Great Britain and Northern Ireland image

Can you post a (sanitised) config for the switches and the APs please?
Avatar of stephenmiller

ASKER

Config for the switch that works:

Building configuration...

Current configuration : 5547 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname POE-1
!
boot-start-marker
boot-end-marker
!
enable secret 5 
!
username
!
!
no aaa new-model
system mtu routing 1500
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet0/1
 switchport access vlan 15
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/2
 switchport access vlan 15
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/3
 switchport access vlan 15
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/4
 switchport access vlan 15
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/5
 switchport access vlan 15
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/6
 switchport access vlan 15
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/7
 description Wireless AP
 switchport access vlan 60
 switchport trunk native vlan 60
 switchport trunk allowed vlan 15,30,40,50,60
 switchport mode trunk
 spanning-tree portfast
!
interface FastEthernet0/8
 description Wireless AP
 switchport access vlan 60
 switchport trunk native vlan 60
 switchport trunk allowed vlan 15,30,40,50,60
 switchport mode trunk
 spanning-tree portfast
!
interface FastEthernet0/9
 switchport access vlan 15
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/10
 switchport access vlan 15
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/11
 switchport access vlan 15
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/12
 switchport access vlan 15
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/13
 switchport access vlan 15
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/14
 switchport access vlan 15
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/15
 switchport access vlan 15
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/16
 switchport access vlan 15
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/17
 switchport access vlan 15
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/18
 switchport access vlan 15
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/19
 switchport access vlan 15
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/20
 switchport access vlan 15
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/21
 switchport access vlan 15
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/22
 switchport access vlan 15
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/23
 switchport access vlan 15
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/24
 switchport access vlan 15
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/1
 switchport mode trunk
!
interface GigabitEthernet0/2
 switchport mode trunk
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan50
 ip address 10.150.50.220 255.255.255.0
!
ip default-gateway 10.150.50.254
ip http server
ip http secure-server

Open in new window


Config for the switch that is not working:

version 12.2
no service pad
service tcp-keepalives-in
service timestamps debug datetime localtime show-timezone
service timestamps log datetime localtime show-timezone
service password-encryption
!
hostname PoE-2
!
boot-start-marker
boot-end-marker
!
logging buffered 5000
logging console warnings
enable secret 5 
!
username
no aaa new-model
system mtu routing 1500
ip subnet-zero
no ip source-route
no ip gratuitous-arps
!
no ip domain-lookup
login block-for 30 attempts 3 within 100
login delay 2
login on-failure log
!
mls qos map policed-dscp  24 26 46 to 0
mls qos map cos-dscp 0 8 16 24 32 46 48 56
mls qos srr-queue input bandwidth 90 10
mls qos srr-queue input threshold 1 8 16
mls qos srr-queue input threshold 2 34 66
mls qos srr-queue input buffers 67 33
mls qos srr-queue input cos-map queue 1 threshold 2  1
mls qos srr-queue input cos-map queue 1 threshold 3  0
mls qos srr-queue input cos-map queue 2 threshold 1  2
mls qos srr-queue input cos-map queue 2 threshold 2  4 6 7
mls qos srr-queue input cos-map queue 2 threshold 3  3 5
mls qos srr-queue input dscp-map queue 1 threshold 2  9 10 11 12 13 14 15
mls qos srr-queue input dscp-map queue 1 threshold 3  0 1 2 3 4 5 6 7
mls qos srr-queue input dscp-map queue 1 threshold 3  32
mls qos srr-queue input dscp-map queue 2 threshold 1  16 17 18 19 20 21 22 23
mls qos srr-queue input dscp-map queue 2 threshold 2  33 34 35 36 37 38 39 48
mls qos srr-queue input dscp-map queue 2 threshold 2  49 50 51 52 53 54 55 56
mls qos srr-queue input dscp-map queue 2 threshold 2  57 58 59 60 61 62 63
mls qos srr-queue input dscp-map queue 2 threshold 3  24 25 26 27 28 29 30 31
mls qos srr-queue input dscp-map queue 2 threshold 3  40 41 42 43 44 45 46 47
mls qos srr-queue output cos-map queue 1 threshold 3  5
mls qos srr-queue output cos-map queue 2 threshold 3  3 6 7
mls qos srr-queue output cos-map queue 3 threshold 3  2 4
mls qos srr-queue output cos-map queue 4 threshold 2  1
mls qos srr-queue output cos-map queue 4 threshold 3  0
mls qos srr-queue output dscp-map queue 1 threshold 3  40 41 42 43 44 45 46 47
mls qos srr-queue output dscp-map queue 2 threshold 3  24 25 26 27 28 29 30 31
mls qos srr-queue output dscp-map queue 2 threshold 3  48 49 50 51 52 53 54 55
mls qos srr-queue output dscp-map queue 2 threshold 3  56 57 58 59 60 61 62 63
mls qos srr-queue output dscp-map queue 3 threshold 3  16 17 18 19 20 21 22 23
mls qos srr-queue output dscp-map queue 3 threshold 3  32 33 34 35 36 37 38 39
mls qos srr-queue output dscp-map queue 4 threshold 1  8
mls qos srr-queue output dscp-map queue 4 threshold 2  9 10 11 12 13 14 15
mls qos srr-queue output dscp-map queue 4 threshold 3  0 1 2 3 4 5 6 7
mls qos queue-set output 1 threshold 1 138 138 92 138
mls qos queue-set output 1 threshold 2 138 138 92 400
mls qos queue-set output 1 threshold 3 36 77 100 318
mls qos queue-set output 1 threshold 4 20 50 67 400
mls qos queue-set output 2 threshold 1 149 149 100 149
mls qos queue-set output 2 threshold 2 118 118 100 235
mls qos queue-set output 2 threshold 3 41 68 100 272
mls qos queue-set output 2 threshold 4 42 72 100 242
mls qos queue-set output 1 buffers 10 10 26 54
mls qos queue-set output 2 buffers 16 6 17 61
mls qos
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
class-map match-all AutoQoS-VoIP-RTP-Trust
 match ip dscp ef
class-map match-all AutoQoS-VoIP-Control-Trust
 match ip dscp cs3  af31
!
!
policy-map AutoQoS-Police-CiscoPhone
 class AutoQoS-VoIP-RTP-Trust
  set dscp ef
  police 1000000 8000 exceed-action policed-dscp-transmit
 class AutoQoS-VoIP-Control-Trust
  set dscp cs3
  police 1000000 8000 exceed-action policed-dscp-transmit
!
!
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
 description Wireless AP
 switchport access vlan 60
 switchport trunk native vlan 60
 switchport trunk allowed vlan 15,30,40,50,60
 switchport mode trunk
 spanning-tree portfast
!
interface FastEthernet0/16
 description Wireless AP
 switchport access vlan 60
 switchport trunk native vlan 60
 switchport trunk allowed vlan 15,30,40,50,60
 switchport mode trunk
 spanning-tree portfast
!
interface FastEthernet0/17
 description Wireless AP
 switchport access vlan 60
 switchport trunk native vlan 60
 switchport trunk allowed vlan 15,30,40,50,60
 switchport mode trunk
 spanning-tree portfast
!
interface FastEthernet0/18
 switchport access vlan 15
 spanning-tree portfast
!
interface FastEthernet0/19
 switchport access vlan 15
 spanning-tree portfast
!
interface FastEthernet0/20
 description Wireless AP
 switchport access vlan 60
 switchport trunk native vlan 60
 switchport trunk allowed vlan 15,30,40,50,60
 switchport mode trunk
 spanning-tree portfast
!
interface FastEthernet0/21
 switchport access vlan 15
 spanning-tree portfast
!
interface FastEthernet0/22
 switchport access vlan 15
 spanning-tree portfast
!
interface FastEthernet0/23
 switchport access vlan 15
 spanning-tree portfast
!
interface FastEthernet0/24
 switchport access vlan 15
 spanning-tree portfast
!
interface GigabitEthernet0/1
 switchport mode trunk
 srr-queue bandwidth share 10 10 60 20
 queue-set 2
 priority-queue out
 mls qos trust device cisco-phone
 mls qos trust cos
 auto qos voip cisco-phone
 spanning-tree portfast
 service-policy input AutoQoS-Police-CiscoPhone
!
interface GigabitEthernet0/2
 switchport mode trunk
 srr-queue bandwidth share 10 10 60 20
 queue-set 2
 priority-queue out
 mls qos trust device cisco-phone
 mls qos trust cos
 auto qos voip cisco-phone
 spanning-tree portfast
 service-policy input AutoQoS-Police-CiscoPhone
!
interface Vlan1
 no ip address
 no ip route-cache
 shutdown
!
interface Vlan50
 ip address 10.150.50.219 255.255.255.0
 no ip route-cache
!
interface Vlan15
 ip address 10.150.15.219 255.255.255.0
 no ip route-cache
!
ip default-gateway 10.150.50.254
no ip http server
no ip http secure-server
!

Open in new window

Int vlan50 and int vlan15 cannot have the same IP Address.  Change the IP address on vlan 15 to something else and things should work.
int vlan 15 is 10.150.15.219

int vlan 50 is 10.150.50.219
ASKER CERTIFIED SOLUTION
Avatar of btassure
btassure
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
the VLAN routing is happening on a core switch.  Some additional info, when the access points were set to access vlan 15, they got DHCP on the 15 scope.  We needed to move them to access vlan 60 to get IP on the 60 scope which has option 43 specific to the AP's.
Have you checked the logs on the DHCP server?  Also run the debug dhcp detail command on the core and access switch and see if there are any abnormalities.
The problematic switches were connected to their core via a trunk port, that trunk port on the core was not configured to allow vlan 50.