Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

DHCP/VLAN - Clients assigned old IP address when changing VLANs

Posted on 2014-02-03
6
Medium Priority
?
4,054 Views
Last Modified: 2016-11-23
Hello thanks for reading!

We're currently having a problem in which DHCP clients that move between VLANs are assigned their old IP address if it's available. They should be getting a new IP from the subnet that they moved to, but instead get their old IP that isn't routable in the new network segment.

We have a Dell Powerconnect 7024 at the core of our network with 3COM switches at the edge. The Powerconnect is the default gateway for everything on all subnets and is configured with 4 primary VLANs.

VLAN10 = Main Data LAN (192.168.1.1)
VLAN11 = Secondary Data LAN (192.168.0.1)
VLAN20 = Voice LAN (192.168.10.1)
VLAN30 = wireless LAN (192.168.30.1)

There is one Windows 2003 DHCP server in VLAN10 with a single superscope that contains 4 scopes, one for each subnet.
All VLANs have full access to each other.
The PC 7024 has a global IP Helper to forward DHCP requests to the DHCP server.

If I connect Laptop1 to VLAN10 then it will pull an IP address from the correct scope.
If move Laptop1 to any other VLAN then it will pull the same IP address that it had received from VLAN10 instead of getting a new one. An ipconfig /release and /renew will return the same, incorrect address it had before.
If I delete the lease on the DHCP server then it will still pull the old address.
If something else takes the IP address that Laptop1 had in VLAN10 and then I move Laptop1 to another VLAN then it will pull an address correctly.
If I statically assign Laptop1 in any other VLAN then it will work normally.
If I create a reservation for Laptop1 in any other VLAN and then move it there, it will pull the reserved IP correctly.

I had Dell support look over the switch and they said that the IP Helper setup looks normal to them and they don't think it's the switch.

The IP Helper must be doing something correctly or else none of the other VLANs would get DHCP from the correct pool the first time they request an IP.

From what I understand the Dell should be inserting it's interface IP into the giaddr portion of the DHCP packet, which has to be working somewhat for the other subnets to get the correct DHCP address the first time they connect.

I ran a Wireshark trace on my laptop during one of these requests and can see that it's requesting its previous IP address. But, instead of receiving a DHCP NACK packet I'm getting an ACK back w/ the old IP.

I want to get a packet trace on my DHCP server to see what's happening there, but don't have the ability to put that in place right now.

Has anyone seen anything like this before or have some next steps I might be able to take?

Thanks!
0
Comment
Question by:sfcanderson
6 Comments
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39829993
Seems to be definitly network related somewhere. Do you have the DHCP server configured using the VLAN ID's in the Scope Options (132)? Have you tried clearning the arp (arp -d) on the workstation and the also ipconfig /release /renew and making sure that the lease have been removed from the DHCP side.

Will.
0
 

Author Comment

by:sfcanderson
ID: 39830067
I just moved my laptop from VLAN10 to VLAN11, deleted the lease from DHCP, cleared the ARP cache, then renewed the IP and still got the old address from VLAN10.

We don't have any VLAN IDs set in the scope options. I understood that was only for situations where some or all VLANs were tagged (e.g. computers piggy backing off phones and tagging the VOIP traffic). We don't have any VLANs tagged on non-trunk ports, so it wouldn't help here.
0
 
LVL 57

Accepted Solution

by:
giltjr earned 2000 total points
ID: 39831385
Found a similar problem and it dealt with the way the DHCP scope was created on the Windows server.

They had a "super scope."

https://supportforums.cisco.com/thread/2158840
0
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

 
LVL 17

Expert Comment

by:pergr
ID: 39831959
You may want to activate "option-82" under the helper feature, so that the switch will tell the server what vlan/port the request comes from.

Then on the DHCP server you will need to use the information (option-82) forwarded by the switch.
0
 

Author Comment

by:sfcanderson
ID: 39833618
giltjr,
Great find, thanks! The superscope problem might be the same one we're facing, so I created a new DHCP server without it. I've successfully moved one scope over without problems and will be doing the rest this week.

Once I confirm they all work without the superscope I'll get back to you and close this out.
0
 

Author Closing Comment

by:sfcanderson
ID: 39842112
We ended up moving the DHCP scopes from a Windows 2003 server that had them under a superscope to a Windows 2008 R2 server that had individual scopes for each range and have not had a problem since.

Thanks again!
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
This article will show you step-by-step instructions to build your own NTP CentOS server.  The network diagram shows the best practice to setup the NTP server farm for redundancy.  This article also serves as your NTP server documentation.
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

876 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question