Solved

DHCP/VLAN - Clients assigned old IP address when changing VLANs

Posted on 2014-02-03
6
3,790 Views
Last Modified: 2016-11-23
Hello thanks for reading!

We're currently having a problem in which DHCP clients that move between VLANs are assigned their old IP address if it's available. They should be getting a new IP from the subnet that they moved to, but instead get their old IP that isn't routable in the new network segment.

We have a Dell Powerconnect 7024 at the core of our network with 3COM switches at the edge. The Powerconnect is the default gateway for everything on all subnets and is configured with 4 primary VLANs.

VLAN10 = Main Data LAN (192.168.1.1)
VLAN11 = Secondary Data LAN (192.168.0.1)
VLAN20 = Voice LAN (192.168.10.1)
VLAN30 = wireless LAN (192.168.30.1)

There is one Windows 2003 DHCP server in VLAN10 with a single superscope that contains 4 scopes, one for each subnet.
All VLANs have full access to each other.
The PC 7024 has a global IP Helper to forward DHCP requests to the DHCP server.

If I connect Laptop1 to VLAN10 then it will pull an IP address from the correct scope.
If move Laptop1 to any other VLAN then it will pull the same IP address that it had received from VLAN10 instead of getting a new one. An ipconfig /release and /renew will return the same, incorrect address it had before.
If I delete the lease on the DHCP server then it will still pull the old address.
If something else takes the IP address that Laptop1 had in VLAN10 and then I move Laptop1 to another VLAN then it will pull an address correctly.
If I statically assign Laptop1 in any other VLAN then it will work normally.
If I create a reservation for Laptop1 in any other VLAN and then move it there, it will pull the reserved IP correctly.

I had Dell support look over the switch and they said that the IP Helper setup looks normal to them and they don't think it's the switch.

The IP Helper must be doing something correctly or else none of the other VLANs would get DHCP from the correct pool the first time they request an IP.

From what I understand the Dell should be inserting it's interface IP into the giaddr portion of the DHCP packet, which has to be working somewhat for the other subnets to get the correct DHCP address the first time they connect.

I ran a Wireshark trace on my laptop during one of these requests and can see that it's requesting its previous IP address. But, instead of receiving a DHCP NACK packet I'm getting an ACK back w/ the old IP.

I want to get a packet trace on my DHCP server to see what's happening there, but don't have the ability to put that in place right now.

Has anyone seen anything like this before or have some next steps I might be able to take?

Thanks!
0
Comment
Question by:sfcanderson
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39829993
Seems to be definitly network related somewhere. Do you have the DHCP server configured using the VLAN ID's in the Scope Options (132)? Have you tried clearning the arp (arp -d) on the workstation and the also ipconfig /release /renew and making sure that the lease have been removed from the DHCP side.

Will.
0
 

Author Comment

by:sfcanderson
ID: 39830067
I just moved my laptop from VLAN10 to VLAN11, deleted the lease from DHCP, cleared the ARP cache, then renewed the IP and still got the old address from VLAN10.

We don't have any VLAN IDs set in the scope options. I understood that was only for situations where some or all VLANs were tagged (e.g. computers piggy backing off phones and tagging the VOIP traffic). We don't have any VLANs tagged on non-trunk ports, so it wouldn't help here.
0
 
LVL 57

Accepted Solution

by:
giltjr earned 500 total points
ID: 39831385
Found a similar problem and it dealt with the way the DHCP scope was created on the Windows server.

They had a "super scope."

https://supportforums.cisco.com/thread/2158840
0
How Blockchain Is Impacting Every Industry

Blockchain expert Alex Tapscott talks to Acronis VP Frank Jablonski about this revolutionary technology and how it's making inroads into other industries and facets of everyday life.

 
LVL 17

Expert Comment

by:pergr
ID: 39831959
You may want to activate "option-82" under the helper feature, so that the switch will tell the server what vlan/port the request comes from.

Then on the DHCP server you will need to use the information (option-82) forwarded by the switch.
0
 

Author Comment

by:sfcanderson
ID: 39833618
giltjr,
Great find, thanks! The superscope problem might be the same one we're facing, so I created a new DHCP server without it. I've successfully moved one scope over without problems and will be doing the rest this week.

Once I confirm they all work without the superscope I'll get back to you and close this out.
0
 

Author Closing Comment

by:sfcanderson
ID: 39842112
We ended up moving the DHCP scopes from a Windows 2003 server that had them under a superscope to a Windows 2008 R2 server that had individual scopes for each range and have not had a problem since.

Thanks again!
0

Featured Post

Does Your Cloud Backup Use Blockchain Technology?

Blockchain technology has already revolutionized finance thanks to Bitcoin. Now it's disrupting other areas, including the realm of data protection. Learn how blockchain is now being used to authenticate backup files and keep them safe from hackers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
This program is used to assist in finding and resolving common problems with wireless connections.
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question