DHCP - Extreme vs MS domain controller

  • Question
  • Updated 5 years ago
  • Answered
New user here and hoping to get some advice.

Is there a difference in DHCP leasing between Extreme and a Domain Controller? We just added a new facility and have extended connectivity to that facility via a 'Q-in-Q' connection from our telco ISP (http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/6_x/nx-os/interfaces/configuration/guide...). My issue: I have 2 DHCP scopes (2 VLANs) on a domain controller and 2 other DHCP scopes for 2 other VLANs that we chose to place on the 8810. Devices at the remote site are able to obtain leases from the DC-based DHCP servers. Devices at the remote site are not able to obtain leases from the Extreme switch-based DHCP servers.
Some details:
1. I'm not running DHCP helper on any switch (the domain-based DHCP servers/leased devices didn't need it, as the Q-in-Q doesn't seem to impede the connection/traffic).
2. The 2 DC-DHCP scopes are serving PC and telephone clients.
3. The 2 DHCP scopes from Extreme are serving wireless clients (and they work fine on the main campus - just not working at the remote.)

I can provide more info but I'm hoping this is enough to get the problem across.
 

John Quesenberry


Posted 5 years ago


Sumit Tokle, Alum

When a DHCP pool is configured on the switch, the remote clients which are connected through VMAN are not getting an IP address. Correct me if I am wrong.

Configure the log filter and add the "bootp" events on the 8810? The target of the log filter would be the syslog server. Check all the events regarding bootp and try to narrow it down.

You can contact the TAC to narrow down the issue quickly.

John Quesenberry

Thank you for the reply.

As I mentioned I'm not using 'dhcp helper'/bootp. It was not needed for the 2 VLANs getting addresses from domain controller scopes. Is there a difference in the way the DHCP server from the 8810 operates that would require bootp - when the domain controllers do not? 

Sumit Tokle, Alum

I want you to enable the commands below on the BD switch:

enable log debug-mode
configure log filter DefaultFilter add events BOOTP severity debug-verbose

NOTE: The above command is process intensive; the best way is to create your own log filter and point that filter towards the syslog server.

Once you have enabled the debug log filter, if any request comes to the switch asking for an IP address, the switch will generate log messages (dump the DHCP activities in log messages).

-----------------------------------------------------------------------------
In my setup, I have configured the DHCP range on the Default VLAN and configured the above commands to capture the traffic:

configure vlan Default dhcp-address-range 192.168.0.11 - 192.168.0.22
enable dhcp ports 1:1-2 vlan Default

I connected my computer directly to port 1:2 and saw the log messages below on the switch:

04/02/2014 22:09:32.45 <Verb:BOOTP.Server.TxDHCPPkt> Slot-1: Transmitted a 256 bytes DHCP message(5) to 192.168.0.11 on VLAN Default, error code 0
04/02/2014 22:09:32.45 <Verb:BOOTP.Server.RxPktMsgTypeInfm> Slot-1: Rx INFORM[Default], clid=F0:1F:AF:38:15:8A [LEN=7], ciaddr=192.168.0.11
04/02/2014 22:09:32.45 <Verb:BOOTP.RxReqPkt> Slot-1: Received 300 bytes BOOTP/DHCP packet on VLAN Default, 1:2 from F0:1F:AF:38:15:8A, 192.168.0.11 sent to 255.255.255.255
04/02/2014 22:09:30.07 <Verb:BOOTP.Server.TxDHCPPkt> Slot-1: Transmitted a 262 bytes DHCP message(5) to 192.168.0.11 on VLAN Default, error code 0
04/02/2014 22:09:30.07 <Verb:BOOTP.Server.RxPktMsgTypeReq> Slot-1: Rx REQUEST[Default], clid=F0:1F:AF:38:15:8A [LEN=7], reqIP=192.168.0.11, offeredIP=192.168.0.11, serverID=0.0.0.0, ciaddr=0.0.0.0
04/02/2014 22:09:30.07 <Verb:BOOTP.RxReqPkt> Slot-1: Received 347 bytes BOOTP/DHCP packet on VLAN Default, 1:2 from F0:1F:AF:38:15:8A, 0.0.0.0 sent to 255.255.255.255
04/02/2014 22:09:26.99 <Info:vlan.msgs.portLinkStateUp> Slot-1: Port 1:2 link UP at speed 1 Gbps and full-duplex

The above method will help you narrow down the issue when the remote user (connected through the Q-in-Q protocol) tries to get an IP address from the BD. If you see requests from the clients and the switch is unable to process them, please feel free to open a case with TAC. They will definitely assist you and will resolve the issue.
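
An added example, not part of the original post: once the BOOTP debug events are being sent to a syslog server, a short Python script can group them per client and list the MACs whose packets reached the switch without any DHCP server handling. The regexes assume the message shapes quoted above; the last two sample lines, with VLAN `Wireless`, port `2:5` and MAC `02:00:00:00:00:01`, are constructed.

```python
import re
from collections import defaultdict

# Regexes follow the three BOOTP debug message shapes quoted in the post above.
MAC = r"([0-9A-Fa-f:]{17})"
RX_PKT = re.compile(r"<Verb:BOOTP\.RxReqPkt>.* on VLAN (\S+), (\S+) from " + MAC)
SRV_RX = re.compile(r"<Verb:BOOTP\.Server\.RxPktMsgType\w+>.* Rx (\w+)\[(\S+?)\], clid=" + MAC)
SRV_TX = re.compile(r"<Verb:BOOTP\.Server\.TxDHCPPkt>.* on VLAN (\S+), error code (\d+)")

# First six lines are from the post; the last two are constructed for illustration
# (hypothetical VLAN "Wireless", port 2:5 and MAC 02:00:00:00:00:01).
SAMPLE = """\
04/02/2014 22:09:32.45 <Verb:BOOTP.Server.TxDHCPPkt> Slot-1: Transmitted a 256 bytes DHCP message(5) to 192.168.0.11 on VLAN Default, error code 0
04/02/2014 22:09:32.45 <Verb:BOOTP.Server.RxPktMsgTypeInfm> Slot-1: Rx INFORM[Default], clid=F0:1F:AF:38:15:8A [LEN=7], ciaddr=192.168.0.11
04/02/2014 22:09:32.45 <Verb:BOOTP.RxReqPkt> Slot-1: Received 300 bytes BOOTP/DHCP packet on VLAN Default, 1:2 from F0:1F:AF:38:15:8A, 192.168.0.11 sent to 255.255.255.255
04/02/2014 22:09:30.07 <Verb:BOOTP.Server.TxDHCPPkt> Slot-1: Transmitted a 262 bytes DHCP message(5) to 192.168.0.11 on VLAN Default, error code 0
04/02/2014 22:09:30.07 <Verb:BOOTP.Server.RxPktMsgTypeReq> Slot-1: Rx REQUEST[Default], clid=F0:1F:AF:38:15:8A [LEN=7], reqIP=192.168.0.11, offeredIP=192.168.0.11, serverID=0.0.0.0, ciaddr=0.0.0.0
04/02/2014 22:09:30.07 <Verb:BOOTP.RxReqPkt> Slot-1: Received 347 bytes BOOTP/DHCP packet on VLAN Default, 1:2 from F0:1F:AF:38:15:8A, 0.0.0.0 sent to 255.255.255.255
04/02/2014 22:10:09.10 <Verb:BOOTP.RxReqPkt> Slot-1: Received 347 bytes BOOTP/DHCP packet on VLAN Wireless, 2:5 from 02:00:00:00:00:01, 0.0.0.0 sent to 255.255.255.255
04/02/2014 22:10:05.10 <Verb:BOOTP.RxReqPkt> Slot-1: Received 347 bytes BOOTP/DHCP packet on VLAN Wireless, 2:5 from 02:00:00:00:00:01, 0.0.0.0 sent to 255.255.255.255
""".splitlines()


def summarize(lines):
    """Return (per-client stats keyed by MAC, successful server replies per VLAN)."""
    clients = defaultdict(lambda: {"seen_on": set(), "received": 0, "server_rx": []})
    tx_ok = defaultdict(int)
    for line in lines:
        if m := RX_PKT.search(line):          # raw packet arrived on a VLAN/port
            vlan, port, mac = m.groups()
            clients[mac.upper()]["seen_on"].add((vlan, port))
            clients[mac.upper()]["received"] += 1
        elif m := SRV_RX.search(line):        # DHCP server parsed a client message
            msg_type, _vlan, mac = m.groups()
            clients[mac.upper()]["server_rx"].append(msg_type)
        elif (m := SRV_TX.search(line)) and m.group(2) == "0":
            tx_ok[m.group(1)] += 1            # reply sent with error code 0
    return dict(clients), dict(tx_ok)


def unserved_clients(lines):
    """MACs whose packets reached the switch but that the DHCP server never
    handled, or whose VLANs show no successful reply."""
    clients, tx_ok = summarize(lines)
    return sorted(
        mac for mac, c in clients.items()
        if c["received"] and (not c["server_rx"]
                              or not any(tx_ok.get(v) for v, _ in c["seen_on"])))
```

Calling `unserved_clients()` on the exported log lines gives the clients to look at first, and `summarize()` shows the VLAN and port each one was seen on.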




Daniel Flouret, Employee

John,

EXOS includes very basic DHCP server functionality. Its main purpose is to support Web-based Network Login by providing IP addresses to the network login vlan. The client PC obtains a short-lived IP address to be able to access the captive portal for identification. Once moved to the destination vlan, the original DHCP lease expires and the client obtains an address lease from the new vlan subnet.

This DHCP server does not support options or scopes (you should configure one DHCP server for each vlan), and uses the switch CPU.

The DHCP server functionality should be placed in a centralized device that supports multiple scopes  and options.

Regards, Daniel

John Quesenberry

I think at this point I'm going to shade myself a bit confused....
I implemented Sumit Tokle's suggestion for the debug filter. And with the suggestion that the Extreme implementation of DHCP is not as 'fully featured' as a domain controller can offer....I see a need for a bit more information for you to consider. The DHCP from the domain controller and the 8810 are working fine on all VLANs. Devices attempting to get addresses from the 8806 side of things are not getting leases. Bootp is disabled on the 8810 and on the 8806. I'm leaning to a bootp or routing/gateway issue but I haven't had much luck during my discovery at my skill level.

[Edit: I just checked this posting as there is supposed to be an attached .jpg but I don't see a link to it. Can I see my own attachments? Am attaching it again via this edit - will see what comes of that.]

John Quesenberry

Solved....if the PC won't boot up check the power cord before you buy a new motherboard. This one definitely is down to my lack of experience with DHCP on the switch. The solution was using the command 'enable dhcp ports XXX vlan XXX'. Having 'everything' correct was useless without allowing the DHCP to traverse the ports.

Sumit Tokle, Alum

Nice to hear that you have resolved the issue.