Michael
asked on
Cisco 3750 refuses to issue DHCP for VLAN
Hi Guys, pulling my hair out here. I have two vlans configured for DHCP on my switch, One a voice VLAN which when I plug a phone in works fine, other is a guestWIFI vlan (207). which will not work. I have plugged a pc directly into port 27 and it also will not receive an address. When I debug I just see discovery messages being sent but nothing else.
Config:
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname mbicl3sw01
!
boot-start-marker
boot-end-marker
!
enable secret 5 $xxx
enable password xxx
!
username root privilege 15 secret 5 xxx
aaa new-model
!
!
!
!
!
aaa session-id common
switch 1 provision ws-c3750g-48ps
system mtu routing 1500
ip subnet-zero
ip routing
ip dhcp use vrf connected
!
ip dhcp pool VoiceVlan
import all
network 192.168.50.0 255.255.255.0
dns-server 8.8.8.8
default-router 192.168.50.254
lease 0 2
!
ip dhcp pool guestwifi
import all
network 192.168.70.0 255.255.255.0
dns-server 8.8.8.8
default-router 192.168.70.254
lease 0 2
!
!
!
!
crypto pki trustpoint TP-self-signed-3343665408
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certifi
revocation-check none
rsakeypair TP-self-signed-3343665408
!
!
!
!
!
port-channel load-balance src-dst-ip
!
!
spanning-tree mode pvst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
interface Port-channel1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 201-210
switchport mode trunk
!
interface GigabitEthernet1/0/1
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/2
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/3
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/4
switchport trunk encapsulation dot1q
switchport trunk native vlan 201
switchport mode trunk
spanning-tree portfast
!
interface GigabitEthernet1/0/5
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/6
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/7
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/8
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/9
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/10
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/11
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/12
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/13
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/14
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/15
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/16
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/17
switchport access vlan 203
switchport mode access
!
interface GigabitEthernet1/0/18
switchport access vlan 203
switchport mode access
!
interface GigabitEthernet1/0/19
switchport access vlan 203
switchport mode access
shutdown
!
interface GigabitEthernet1/0/20
switchport access vlan 203
switchport mode access
!
interface GigabitEthernet1/0/21
!
interface GigabitEthernet1/0/22
!
interface GigabitEthernet1/0/23
!
interface GigabitEthernet1/0/24
!
interface GigabitEthernet1/0/25
!
interface GigabitEthernet1/0/26
switchport access vlan 208
!
interface GigabitEthernet1/0/27
switchport access vlan 207
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/28
switchport access vlan 207
!
interface GigabitEthernet1/0/29
shutdown
!
interface GigabitEthernet1/0/30
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 201-210
switchport mode trunk
channel-group 1 mode active
!
interface GigabitEthernet1/0/31
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 201-210
switchport mode trunk
channel-group 1 mode active
!
interface GigabitEthernet1/0/32
!
interface GigabitEthernet1/0/33
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/34
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/35
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/36
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/37
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/38
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/39
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/40
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/41
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/42
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/43
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/44
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/45
switchport access vlan 207
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/46
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/47
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/48
switchport access vlan 204
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/49
!
interface GigabitEthernet1/0/50
!
interface GigabitEthernet1/0/51
!
interface GigabitEthernet1/0/52
!
interface Vlan1
ip address 192.168.25.9 255.255.255.0
shutdown
!
interface Vlan201
ip address 192.168.25.254 255.255.255.0
!
interface Vlan202
description VoiceVlan
ip address 192.168.50.254 255.255.255.0
!
interface Vlan204
description ServerVlan
ip address 192.168.30.254 255.255.255.0
!
interface Vlan205
description FirewallInternalVlan
ip address 192.168.40.254 255.255.255.0
!
interface Vlan206
description ManagementVlan
ip address 192.168.60.254 255.255.255.0
!
interface Vlan207
description GusestWiFiUser
ip address 192.168.70.254 255.255.255.0
!
interface Vlan208
ip address 192.168.80.254 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.40.1
ip http server
ip http secure-server
!
!
control-plane
!
!
!
end
Config:
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname mbicl3sw01
!
boot-start-marker
boot-end-marker
!
enable secret 5 $xxx
enable password xxx
!
username root privilege 15 secret 5 xxx
aaa new-model
!
!
!
!
!
aaa session-id common
switch 1 provision ws-c3750g-48ps
system mtu routing 1500
ip subnet-zero
ip routing
ip dhcp use vrf connected
!
ip dhcp pool VoiceVlan
import all
network 192.168.50.0 255.255.255.0
dns-server 8.8.8.8
default-router 192.168.50.254
lease 0 2
!
ip dhcp pool guestwifi
import all
network 192.168.70.0 255.255.255.0
dns-server 8.8.8.8
default-router 192.168.70.254
lease 0 2
!
!
!
!
crypto pki trustpoint TP-self-signed-3343665408
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certifi
revocation-check none
rsakeypair TP-self-signed-3343665408
!
!
!
!
!
port-channel load-balance src-dst-ip
!
!
spanning-tree mode pvst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
interface Port-channel1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 201-210
switchport mode trunk
!
interface GigabitEthernet1/0/1
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/2
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/3
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/4
switchport trunk encapsulation dot1q
switchport trunk native vlan 201
switchport mode trunk
spanning-tree portfast
!
interface GigabitEthernet1/0/5
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/6
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/7
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/8
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/9
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/10
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/11
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/12
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/13
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/14
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/15
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/16
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/17
switchport access vlan 203
switchport mode access
!
interface GigabitEthernet1/0/18
switchport access vlan 203
switchport mode access
!
interface GigabitEthernet1/0/19
switchport access vlan 203
switchport mode access
shutdown
!
interface GigabitEthernet1/0/20
switchport access vlan 203
switchport mode access
!
interface GigabitEthernet1/0/21
!
interface GigabitEthernet1/0/22
!
interface GigabitEthernet1/0/23
!
interface GigabitEthernet1/0/24
!
interface GigabitEthernet1/0/25
!
interface GigabitEthernet1/0/26
switchport access vlan 208
!
interface GigabitEthernet1/0/27
switchport access vlan 207
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/28
switchport access vlan 207
!
interface GigabitEthernet1/0/29
shutdown
!
interface GigabitEthernet1/0/30
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 201-210
switchport mode trunk
channel-group 1 mode active
!
interface GigabitEthernet1/0/31
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 201-210
switchport mode trunk
channel-group 1 mode active
!
interface GigabitEthernet1/0/32
!
interface GigabitEthernet1/0/33
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/34
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/35
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/36
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/37
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/38
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/39
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/40
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/41
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/42
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/43
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/44
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/45
switchport access vlan 207
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/46
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/47
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/48
switchport access vlan 204
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/49
!
interface GigabitEthernet1/0/50
!
interface GigabitEthernet1/0/51
!
interface GigabitEthernet1/0/52
!
interface Vlan1
ip address 192.168.25.9 255.255.255.0
shutdown
!
interface Vlan201
ip address 192.168.25.254 255.255.255.0
!
interface Vlan202
description VoiceVlan
ip address 192.168.50.254 255.255.255.0
!
interface Vlan204
description ServerVlan
ip address 192.168.30.254 255.255.255.0
!
interface Vlan205
description FirewallInternalVlan
ip address 192.168.40.254 255.255.255.0
!
interface Vlan206
description ManagementVlan
ip address 192.168.60.254 255.255.255.0
!
interface Vlan207
description GusestWiFiUser
ip address 192.168.70.254 255.255.255.0
!
interface Vlan208
ip address 192.168.80.254 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.40.1
ip http server
ip http secure-server
!
!
control-plane
!
!
!
end
ASKER
Thanks for the quick reply,
Glad I haven't made a stupid mistake that my eyes failed to see. I
Vlan is up
207 GuestWifiUser active Gi1/0/27, Gi1/0/28, Gi1/0/45
Vlan207 192.168.70.254 YES NVRAM up up
Regards
Glad I haven't made a stupid mistake that my eyes failed to see. I
Vlan is up
207 GuestWifiUser active Gi1/0/27, Gi1/0/28, Gi1/0/45
Vlan207 192.168.70.254 YES NVRAM up up
Regards
When you manually assign IP address to host can you ping default gateway and some other addresses?
ASKER
Yes if I assign a static ip within the VLAN207 subnet I can ping the SVI address. I even did it without a gateway interface in the IP config to ensure it wasn't being routed somehow!
Regards
Regards
In that case In that case I expect that there is some IOS Bug present there is at least several of DHCP IOS bugs related to 3750 switches. I don't see other explanation. What I would try is to create loopback interface and create ip helper under SVI 207 pointing to switch loopback (desperate times call for desperate measures). Sure, IOS upgrade is also an option.
ASKER
Ok I'll give it a try. Are u suggesting a loop back address within the same subnet? Like 192.168.70.253?
You can't use IP address from the same subnet it would be overlapping network - not allowed... :)
ASKER
Still no good!
*Mar 6 16:01:20.054: DHCPD: htype 1 chaddr 00e0.ed12.2168
*Mar 6 16:01:20.054: DHCPD: giaddr = 192.168.70.254
*Mar 6 16:01:20.054: DHCPD: interface = Loopback1
*Mar 6 16:01:20.054: DHCPD: class id 4d53465420352e30
*Mar 6 16:01:24.055: DHCPD: Sending notification of DISCOVER:
*Mar 6 16:01:24.055: DHCPD: htype 1 chaddr 00e0.ed12.2168
*Mar 6 16:01:24.055: DHCPD: interface = Vlan207
*Mar 6 16:01:24.055: DHCPD: class id 4d53465420352e30
*Mar 6 16:01:24.055: DHCPD: Sending notification of DISCOVER:
*Mar 6 16:01:24.055: DHCPD: htype 1 chaddr 00e0.ed12.2168
*Mar 6 16:01:24.055: DHCPD: interface = Vlan207
*Mar 6 16:01:24.055: DHCPD: class id 4d53465420352e30
*Mar 6 16:01:24.055: DHCPD: Sending notification of DISCOVER:
*Mar 6 16:01:24.055: DHCPD: htype 1 chaddr 00e0.ed12.2168
*Mar 6 16:01:24.055: DHCPD: giaddr = 192.168.70.254
*Mar 6 16:01:24.055: DHCPD: interface = Loopback1
*Mar 6 16:01:24.055: DHCPD: class id 4d53465420352e30
*Mar 6 16:01:24.055: DHCPD: Sending notification of DISCOVER:
*Mar 6 16:01:24.055: DHCPD: htype 1 chaddr 00e0.ed12.2168
*Mar 6 16:01:24.055: DHCPD: giaddr = 192.168.70.254
*Mar 6 16:01:24.055: DHCPD: interface = Loopback1
*Mar 6 16:01:24.055: DHCPD: class id 4d53465420352e30
Just stuck at discover
*Mar 6 16:01:20.054: DHCPD: htype 1 chaddr 00e0.ed12.2168
*Mar 6 16:01:20.054: DHCPD: giaddr = 192.168.70.254
*Mar 6 16:01:20.054: DHCPD: interface = Loopback1
*Mar 6 16:01:20.054: DHCPD: class id 4d53465420352e30
*Mar 6 16:01:24.055: DHCPD: Sending notification of DISCOVER:
*Mar 6 16:01:24.055: DHCPD: htype 1 chaddr 00e0.ed12.2168
*Mar 6 16:01:24.055: DHCPD: interface = Vlan207
*Mar 6 16:01:24.055: DHCPD: class id 4d53465420352e30
*Mar 6 16:01:24.055: DHCPD: Sending notification of DISCOVER:
*Mar 6 16:01:24.055: DHCPD: htype 1 chaddr 00e0.ed12.2168
*Mar 6 16:01:24.055: DHCPD: interface = Vlan207
*Mar 6 16:01:24.055: DHCPD: class id 4d53465420352e30
*Mar 6 16:01:24.055: DHCPD: Sending notification of DISCOVER:
*Mar 6 16:01:24.055: DHCPD: htype 1 chaddr 00e0.ed12.2168
*Mar 6 16:01:24.055: DHCPD: giaddr = 192.168.70.254
*Mar 6 16:01:24.055: DHCPD: interface = Loopback1
*Mar 6 16:01:24.055: DHCPD: class id 4d53465420352e30
*Mar 6 16:01:24.055: DHCPD: Sending notification of DISCOVER:
*Mar 6 16:01:24.055: DHCPD: htype 1 chaddr 00e0.ed12.2168
*Mar 6 16:01:24.055: DHCPD: giaddr = 192.168.70.254
*Mar 6 16:01:24.055: DHCPD: interface = Loopback1
*Mar 6 16:01:24.055: DHCPD: class id 4d53465420352e30
Just stuck at discover
Can you please post the vlan interface settings using "show run inter vlan 207"
Also, I would recommend adding the command "switchport mode access" to all of your non-trunk interfaces. That will add another layer of security and devices should connect faster because they don;t have to negotiate the connection.
Thanks
Also, I would recommend adding the command "switchport mode access" to all of your non-trunk interfaces. That will add another layer of security and devices should connect faster because they don;t have to negotiate the connection.
Thanks
ASKER
Hey thanks for your comments Andy
Here is the result
mbicl3sw01#sh run int vlan207
Building configuration...
Current configuration : 94 bytes
!
interface Vlan207
description GusestWiFiUser
ip address 192.168.70.254 255.255.255.0
end
Here is the result
mbicl3sw01#sh run int vlan207
Building configuration...
Current configuration : 94 bytes
!
interface Vlan207
description GusestWiFiUser
ip address 192.168.70.254 255.255.255.0
end
ASKER
This is really getting on my nerves now as I just cant seem to get cross vlan dhcp working at all through this switch. Ive given up trying to get DHCP served directly from the switch in lieu of using my main user DHCP server which sits on windows. Even that wont work!!!
Ok here is my config
User VLAN 201 192.168.25.0 SVi 192.168.25.245
On this VLAN I have a windows Domain server also hosting DHCP 192.168.25.21
My DHCP server has scope configured for 192.168.70.0
The windows domain server is hosted on a ESXI box which is connected to the switch via interface Port-channel1
Vlan configured appropriately on ESXI
VLAN 207 192.168.70.0 SVI 192.168.70.254
PC directly connected to switch port gi1/0/27 configured for this VLAN
Helper address configured for 192.168.25.21
I see in debug:
Sep 18 14:20:16.940: DHCPD: DHCPDISCOVER received from client 0063.6973.636f.2d30.3031.6
Sep 18 14:20:16.949: DHCPD: using received relay info.
Sep 18 14:20:16.949: DHCPD: Looking up binding using address 192.168.70.254
Sep 18 14:20:16.949: DHCPD: setting giaddr to 192.168.70.254.
Sep 18 14:20:16.949: DHCPD: BOOTREQUEST from 0063.6973.636f.2d30.3031.6
that's it. On my dhcp server log I don't see any attempt for it to connect.
I can ping 192.168.25.21 from the switch
My switch config:
!
! Last configuration change at 12:22:11 UTC Mon Sep 18 2017 by root
! NVRAM config last updated at 14:11:07 UTC Mon Sep 18 2017 by root
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname mbicl3sw01
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$
enable password
!
username root privilege 15 secret 5
aaa new-model
!
!
!
!
!
aaa session-id common
switch 1 provision ws-c3750g-48ps
system mtu routing 1500
ip subnet-zero
ip routing
ip dhcp relay information trust-all
ip dhcp use vrf connected
!
ip dhcp pool VoiceVlan
import all
network 192.168.50.0 255.255.255.0
dns-server 8.8.8.8
default-router 192.168.50.254
lease 0 2
!
!
ip dhcp-server 192.168.25.21
!
!
crypto pki trustpoint TP-self-signed-3343665408
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certifi
revocation-check none
rsakeypair TP-self-signed-3343665408
!
!
!
!
!
port-channel load-balance src-dst-ip
!
!
spanning-tree mode pvst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
interface Port-channel1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 201-210
switchport mode trunk
!
interface GigabitEthernet1/0/1
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/2
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/3
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/4
switchport trunk encapsulation dot1q
switchport trunk native vlan 201
switchport mode trunk
spanning-tree portfast
!
interface GigabitEthernet1/0/5
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/6
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/7
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/8
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/9
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/10
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/11
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/12
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/13
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/14
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/15
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/16
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/17
switchport access vlan 203
switchport mode access
!
interface GigabitEthernet1/0/18
switchport access vlan 203
switchport mode access
!
interface GigabitEthernet1/0/19
switchport access vlan 203
switchport mode access
shutdown
!
interface GigabitEthernet1/0/20
switchport access vlan 203
switchport mode access
!
interface GigabitEthernet1/0/21
!
interface GigabitEthernet1/0/22
!
interface GigabitEthernet1/0/23
!
interface GigabitEthernet1/0/24
!
interface GigabitEthernet1/0/25
!
interface GigabitEthernet1/0/26
switchport access vlan 208
!
interface GigabitEthernet1/0/27
switchport access vlan 207
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/28
switchport access vlan 207
!
interface GigabitEthernet1/0/29
shutdown
!
interface GigabitEthernet1/0/30
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 201-210
switchport mode trunk
channel-group 1 mode active
!
interface GigabitEthernet1/0/31
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 201-210
switchport mode trunk
channel-group 1 mode active
!
interface GigabitEthernet1/0/32
!
interface GigabitEthernet1/0/33
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/34
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/35
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/36
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/37
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/38
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/39
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/40
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/41
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/42
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/43
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/44
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/45
switchport access vlan 207
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/46
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/47
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/48
switchport access vlan 204
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/49
!
interface GigabitEthernet1/0/50
!
interface GigabitEthernet1/0/51
!
interface GigabitEthernet1/0/52
!
interface Vlan1
ip address 192.168.25.9 255.255.255.0
shutdown
!
interface Vlan201
ip address 192.168.25.254 255.255.255.0
!
interface Vlan202
description VoiceVlan
ip address 192.168.50.254 255.255.255.0
!
interface Vlan204
description ServerVlan
ip address 192.168.30.254 255.255.255.0
!
interface Vlan205
description FirewallInternalVlan
ip address 192.168.40.254 255.255.255.0
!
interface Vlan206
description ManagementVlan
ip address 192.168.60.254 255.255.255.0
!
interface Vlan207
description GusestWiFiUser
ip address 192.168.70.254 255.255.255.0
ip helper-address 192.168.25.21
!
interface Vlan208
ip address 192.168.80.254 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.40.1
!
!
control-plane
!
!
end
I'm beginning to think this is linked with the original issue however I still haven't spotted my error or th ebug!
Ok here is my config
User VLAN 201 192.168.25.0 SVi 192.168.25.245
On this VLAN I have a windows Domain server also hosting DHCP 192.168.25.21
My DHCP server has scope configured for 192.168.70.0
The windows domain server is hosted on a ESXI box which is connected to the switch via interface Port-channel1
Vlan configured appropriately on ESXI
VLAN 207 192.168.70.0 SVI 192.168.70.254
PC directly connected to switch port gi1/0/27 configured for this VLAN
Helper address configured for 192.168.25.21
I see in debug:
Sep 18 14:20:16.940: DHCPD: DHCPDISCOVER received from client 0063.6973.636f.2d30.3031.6
Sep 18 14:20:16.949: DHCPD: using received relay info.
Sep 18 14:20:16.949: DHCPD: Looking up binding using address 192.168.70.254
Sep 18 14:20:16.949: DHCPD: setting giaddr to 192.168.70.254.
Sep 18 14:20:16.949: DHCPD: BOOTREQUEST from 0063.6973.636f.2d30.3031.6
that's it. On my dhcp server log I don't see any attempt for it to connect.
I can ping 192.168.25.21 from the switch
My switch config:
!
! Last configuration change at 12:22:11 UTC Mon Sep 18 2017 by root
! NVRAM config last updated at 14:11:07 UTC Mon Sep 18 2017 by root
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname mbicl3sw01
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$
enable password
!
username root privilege 15 secret 5
aaa new-model
!
!
!
!
!
aaa session-id common
switch 1 provision ws-c3750g-48ps
system mtu routing 1500
ip subnet-zero
ip routing
ip dhcp relay information trust-all
ip dhcp use vrf connected
!
ip dhcp pool VoiceVlan
import all
network 192.168.50.0 255.255.255.0
dns-server 8.8.8.8
default-router 192.168.50.254
lease 0 2
!
!
ip dhcp-server 192.168.25.21
!
!
crypto pki trustpoint TP-self-signed-3343665408
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certifi
revocation-check none
rsakeypair TP-self-signed-3343665408
!
!
!
!
!
port-channel load-balance src-dst-ip
!
!
spanning-tree mode pvst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
interface Port-channel1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 201-210
switchport mode trunk
!
interface GigabitEthernet1/0/1
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/2
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/3
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/4
switchport trunk encapsulation dot1q
switchport trunk native vlan 201
switchport mode trunk
spanning-tree portfast
!
interface GigabitEthernet1/0/5
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/6
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/7
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/8
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/9
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/10
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/11
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/12
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/13
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/14
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/15
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/16
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/17
switchport access vlan 203
switchport mode access
!
interface GigabitEthernet1/0/18
switchport access vlan 203
switchport mode access
!
interface GigabitEthernet1/0/19
switchport access vlan 203
switchport mode access
shutdown
!
interface GigabitEthernet1/0/20
switchport access vlan 203
switchport mode access
!
interface GigabitEthernet1/0/21
!
interface GigabitEthernet1/0/22
!
interface GigabitEthernet1/0/23
!
interface GigabitEthernet1/0/24
!
interface GigabitEthernet1/0/25
!
interface GigabitEthernet1/0/26
switchport access vlan 208
!
interface GigabitEthernet1/0/27
switchport access vlan 207
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/28
switchport access vlan 207
!
interface GigabitEthernet1/0/29
shutdown
!
interface GigabitEthernet1/0/30
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 201-210
switchport mode trunk
channel-group 1 mode active
!
interface GigabitEthernet1/0/31
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 201-210
switchport mode trunk
channel-group 1 mode active
!
interface GigabitEthernet1/0/32
!
interface GigabitEthernet1/0/33
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/34
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/35
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/36
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/37
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/38
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/39
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/40
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/41
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/42
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/43
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/44
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/45
switchport access vlan 207
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/46
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/47
switchport access vlan 201
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/48
switchport access vlan 204
switchport mode access
switchport voice vlan 202
spanning-tree portfast
!
interface GigabitEthernet1/0/49
!
interface GigabitEthernet1/0/50
!
interface GigabitEthernet1/0/51
!
interface GigabitEthernet1/0/52
!
interface Vlan1
ip address 192.168.25.9 255.255.255.0
shutdown
!
interface Vlan201
ip address 192.168.25.254 255.255.255.0
!
interface Vlan202
description VoiceVlan
ip address 192.168.50.254 255.255.255.0
!
interface Vlan204
description ServerVlan
ip address 192.168.30.254 255.255.255.0
!
interface Vlan205
description FirewallInternalVlan
ip address 192.168.40.254 255.255.255.0
!
interface Vlan206
description ManagementVlan
ip address 192.168.60.254 255.255.255.0
!
interface Vlan207
description GusestWiFiUser
ip address 192.168.70.254 255.255.255.0
ip helper-address 192.168.25.21
!
interface Vlan208
ip address 192.168.80.254 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.40.1
!
!
control-plane
!
!
end
I'm beginning to think this is linked with the original issue however I still haven't spotted my error or th ebug!
ip helper-address 192.168.25.21
points that dhcp server is configured and present in Vlan201 - 192.168.25.21
Is DHCP server present there?
points that dhcp server is configured and present in Vlan201 - 192.168.25.21
Is DHCP server present there?
ASKER
Yes it is
try this commands
ip dhcp binding cleanup interval 600
ip dhcp conflict resolution interval 30
ip dhcp binding cleanup interval 600
ip dhcp conflict resolution interval 30
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I solved it myself
Since it is not working, points of failure can be that switch VTP mode is client and that assigning port to VLAN 207 did not create VLAN207. Also SVI for VLAN 207 can be shutdown or in up down state. Please check if VLAN 207 exists on switch and that when host is connected to port Gi1/0/27 status of SVI 207 and port is up up.
sh vlan brief | i 207
sh ip int brief | i Vlan207|1/0/27