ExtremeSwitching (EXOS)

Expand all | Collapse all

Supervlan and needless DHCP Requests

  • 1.  Supervlan and needless DHCP Requests

    Posted 05-11-2017 12:59
    Hello.

    If I use separate vlans on Extreme X450-24 ver. 15.3.5.2 with bootprelay, DHCP works fine for my client-device. At first there are DhcpDiscover,DhcpOffer,DhcpRequest and DhcpAck and than there are one DhcpRequest + one DhcpAck during right time-period. All right.

    But if I begin to use supervlan, the situation is changed. My device sends one DhcpRequest but receives 2 replays.

    Scheme:
    client-device <-> switch <-> extreme witch supervlan and bootprelay <-> DHCP server

    When I have mirrored traffic between switch and extreme I have seen so situation (by tcpdump):
    17:20:51.442246 IP client_ip.68 > dhcp_server_ip.67: BOOTP/DHCP, Request from e8:94:f6:53:cf:45, length 548
    17:20:51.442803 IP dhcp_server_ip.67 > client_ip.68: BOOTP/DHCP, Reply, length 300
    17:20:51.443525 IP dhcp_server_ip.67 > client_ip.68: BOOTP/DHCP, Reply, length 300

    When I have mirrored traffic between extreme and DHCP server I have seen other situation (by tcpdump):
    16:08:21.422645 IP client_ip.bootpc > dhcp_server_ip.bootps: BOOTP/DHCP, Request from e8:94:f6:53:cf:45, length 548
    16:08:21.423216 IP dhcp_server_ip.bootps > client_ip.bootpc: BOOTP/DHCP, Reply, length 300
    16:08:21.423477 IP client_ip.bootpc > dhcp_server_ip.bootps: BOOTP/DHCP, Request from e8:94:f6:53:cf:45, length 548
    16:08:21.424140 IP dhcp_server_ip.bootps > client_ip.bootpc: BOOTP/DHCP, Reply, length 300

    So, after extreme we have duplicate of DhcpRequest packet.
    I think extreme makes it. Why does it make this?

    I have used also dhcpdump on DHCP server, but both Requests are identical

    How can I fix this situation?

    Thank you.


  • 2.  RE: Supervlan and needless DHCP Requests

    Posted 05-11-2017 13:04
    try to disable bootprelay and see how it changes


  • 3.  RE: Supervlan and needless DHCP Requests

    Posted 05-11-2017 13:28
    Disable communication between your subvlan under your supervlan. ARP will be block/

    #disable subvlan-proxy-arp vlan all


  • 4.  RE: Supervlan and needless DHCP Requests

    Posted 05-15-2017 10:03
    Hello, Viktor!

    Actually you describing of you config/topology - I don't understand.

    Can you, please, show supervlan and bootprelay configuration.
    And also scheme with pointed ports, vlans/subvlans/supervlans.

    Also - can it be loop in your scheme?

    Thank you!


  • 5.  RE: Supervlan and needless DHCP Requests

    Posted 05-11-2017 13:04
    I made it, but this could not help me.


  • 6.  RE: Supervlan and needless DHCP Requests

    Posted 05-11-2017 13:28
    It doesn't help too.


  • 7.  RE: Supervlan and needless DHCP Requests

    Posted 05-15-2017 10:03
    Hello, Alexandr.

    Client 's device (TP-link wr740n or Windows 7) is connected to management switch. Client's vlan (one of subvlans on 450) is untagged on client's port and on port that this switch is connected to extreme 450. On extreme 450 there are 2 subvlans in 1 supervlan.
    Bootprelay is on in all vlans. (when I off bootprelay — It didn't make any effect ).
    This 450 is connected by ospf with extreme 650.
    On 650 bootprelay is also on in vlan with it 450 and 650 are connected, and 650 has direct interface(separate vlan with bootprelay) to DHCP server.

    Supervlan on 450
    create vlan "SU"
    configure vlan SU ipaddress *.*.*.1 255.255.255.128
    enable ipforwarding vlan SU
    configure vlan SU add secondary-ipaddress *.*.*.129 255.255.255.128
    configure vlan "SU" add subvlan "test-su-2"
    configure vlan "SU" add subvlan "test-su-1"
    enable bootprelay vlan SU
    configure ospf add vlan SU area 0.1.1.1 passive

    Bootprelay:
    configure bootprelay add *.*.*.* vr VR-Default
    enable bootprelay vlan SU
    enable bootprelay vlan km (vlan to 650)
    enable bootprelay vlan test-su-1
    enable bootprelay vlan test-su-2



  • 8.  RE: Supervlan and needless DHCP Requests

    Posted 05-15-2017 10:03
    What address range is using in subvlan?

    Thank you!


  • 9.  RE: Supervlan and needless DHCP Requests

    Posted 05-15-2017 10:03
    I'm sorry, but I didn't understand your question. What do you mean by “address range in subvlan”? Please, explain it.
    We have such ranges in supervlan:
    configure vlan SU ipaddress *.*.*.1 255.255.255.128
    configure vlan SU add secondary-ipaddress *.*.*.129 255.255.255.128
    I'm sorry, but we don't want to show our real ip for all.

    Thank you!


  • 10.  RE: Supervlan and needless DHCP Requests

    Posted 05-15-2017 10:03
    Subvlan IP addresses from Supervlan addresses range.
    You take it from main supervlan IP range, or from secondary IP range?
    (because there is restriction)

    Thank you!


  • 11.  RE: Supervlan and needless DHCP Requests

    Posted 05-15-2017 10:03
    Also:
    dhcp relay work at L3,
    at L2 work dhcp snooping.
    If your subvlans have no IP-addresses - it's can be as a part of issue. (just in theory)

    Thank you!


  • 12.  RE: Supervlan and needless DHCP Requests

    Posted 05-15-2017 10:03
    The whole address range from supervlan is permitted for using in subvlans. Client can get any ip address. Which restriction do you mean?

    We don't use dhcp snooping on extreme.
    When we tried to add ipaddress to subvlans we got message: “Sub-VLAN test-su-1 cannot be configured with IP address”.

    Thank you.



  • 13.  RE: Supervlan and needless DHCP Requests

    Posted 05-15-2017 10:03
    I meaned earlier - NOT assign IP address for sub-vlan interface, but divide IP-address range for sub-vlan users "configure vlan vsub1 subvlan-address-range 192.201.3.2 - 192.201.3.6"

    Thank you!


  • 14.  RE: Supervlan and needless DHCP Requests

    Posted 05-15-2017 10:03

    But if we divide IP-address range for sub-vlan, what difference will be between separate vlans and sub-vlans in supervlan? We want to use all ip for all vlans, without dividing pools. We want to divide only broadcast domain with using different vlans.