Solved

1x DHCP Server 2019 - multiple VLANs - what am I doing wrong?


Userlevel 1

I’m having an Extreme Networks x460 Switch and 2 VLANs. On VLAN 11 there’s a Windows Server 2019 located which has 2 scopes (for the different vlans)

VLAN 11 IP Switch: 192.168.11.253/24
IP
 DHCP Server: 192.168.11.1

VLAN 193 IP Switch: 192.168.193.253/24

I’m able to ping the DCHP Server from the Switch


I did a config bootprelay add 192.168.11.1 vr VR-Default
Also enable bootprelay VLAN VLAN11
and enable bootprelay VLAN VLAN193

and last but not least: enable ipforwarding vlan11
and enable ipforwarding vlan193

When I connect a client to VLAN 193 I’m not getting an IP Adress.

The DHCP Server has a Scope for: 192.168.11.100-110 and a Scope for: 192.168.193.100-110

 

icon

Best answer by frankygth 6 October 2020, 10:15

I found the error and it’s working now - thank you!! 
The problem was the getting back to the VLAN . The Problem was more firewall related then switch related. Best Regards, Frank PS: Wireshark did the trick

View original

15 replies

Userlevel 1

rtlookup:

#d   192.168.11.0/24    192.168.11.253  1    U------um--f- Verwaltung-11 0d:0h:28m:14s

sh config nettools:

# Module netTools configuration.
#
enable dhcp vlan Default
enable dhcp vlan Mgmt
configure bootprelay add 192.168.11.1 vr VR-Default
enable bootprelay ipv4 vlan Default
enable bootprelay ipv4 vlan Client-193
enable bootprelay ipv4 vlan Verwaltung-11

Userlevel 6

hi Frankygth 
First thing I would do is get a packet capture on the server and see if the Discover is coming in and the Offer is going out. 
 

Brad

Userlevel 1

EXOS-VM.23 # sh iproute
Ori  Destination        Gateway         Mtr  Flags         VLAN       Duration
#d   192.168.11.0/24    192.168.11.253  1    U------um--f- Verwaltung-11 0d:0h:31m:25s
#d   192.168.193.0/24   192.168.193.253 1    U------um--f- Client-193 0d:0h:31m:25s

 

Userlevel 1

sh vlan
Untagged ports auto-move: Inform
-----------------------------------------------------------------------------------------------
Name            VID  Protocol Addr       Flags                         Proto  Ports  Virtual
                                                                              Active router
                                                                              /Total
-----------------------------------------------------------------------------------------------
Client-193      193  192.168.193.253/24  -f------------------------    ANY    1 /6   VR-Default
Default         1    ----------------------------------------------    ANY    0 /0   VR-Default
Mgmt            4095 ----------------------------------------------    ANY    0 /1   VR-Mgmt
Verwaltung-11   11   192.168.11.253 /24  -f------------------------    ANY    1 /6   VR-Default

Userlevel 1

hi Frankygth 
First thing I would do is get a packet capture on the server and see if the Discover is coming in and the Offer is going out. 
 

Brad

EXOS-VM.34 # sh bootprelay
Bootprelay : Disabled on virtual router "VR-Default", but enabled on some VLANs
Include Secondary : Disabled
DHCP Relay Agent Information Option : Disabled on virtual router "VR-Default"

Bootprelay servers for virtual router "VR-Default":
    Destination: 192.168.11.1

DHCP/BOOTP relay statistics for virtual router "VR-Default"
    Received from client =          4  Received from server =          0
    Requests relayed     =          4  Responses relayed    =          0
    DHCP Discover        =          4  DHCP Offer           =          0
    DHCP Request         =          0  DHCP Ack             =          0
    DHCP Decline         =          0  DHCP NAck            =          0
    DHCP Release         =          0
    DHCP Inform          =          0

 

I think the Client is asking for DHCP but I’m not sure if the switch itself drops the packet. To me it seams as if the switch is not going to forward the offer to the DHCP server? What do you think?

Userlevel 1

I’m wondering if: DHCP Relay Agent Information Option : Disabled on virtual router "VR-Default" this could be the Problem?

Userlevel 1

I’m wondering if: DHCP Relay Agent Information Option : Disabled on virtual router "VR-Default" this could be the Problem?

but I did a conf bootprelay add 192.168.11.1 vr VR-Default. Is there anything else I need to do to get the relay working?

Userlevel 4

Servus Frank,

in the “show bootprelay” output we can see that the switch relays  the DHCP-Discover. The question is where the packet is  going and why it doesn’t come back. :)

Easiest thing would be to start a wireshark on the windows server and look if the packets are received from the server. The problem could be anything (DHCP-Scope problem, routing problem, static route on the DHCP-Server and so on...)

Best regards
Stefan

Userlevel 1

Servus Frank,

in the “show bootprelay” output we can see that the switch relays  the DHCP-Discover. The question is where the packet is  going and why it doesn’t come back. :)

Easiest thing would be to start a wireshark on the windows server and look if the packets are received from the server.

Best regards
Stefan

Hi Stefan,

was mich wundert ist: DHCP Relay Agent Information Option: Disabled on virtual Router VR-Default

Ich werde mal Wireshark aktivieren und schauen, ob am Server was ankommt.

 

lg,

Frank

Userlevel 1

ok, it seems like, the offer is not getting back. I see a DHCP Discover from 192.168.198.253 to 192.168.11.1 and afterwards I see the DHCP Offer from 192.168.11.1 to 192.168.193.253.
and nothing more… Filter in Wireshark is DHCP

Userlevel 1

so the offer can’t reach 192.168.193.253 - ipforwarding is enabled von both vlan. Do I need anything else? like a iproute

Userlevel 1

I found the error and it’s working now - thank you!! 
The problem was the getting back to the VLAN . The Problem was more firewall related then switch related. Best Regards, Frank PS: Wireshark did the trick

Userlevel 1

Silly question, but you have built the VLANS in your router right?

Userlevel 1

Never mind, i see you have resolved the issue.

Userlevel 1

Silly question, but you have built the VLANS in your router right?

Yes, I did that, but I did it within GNS3 (for testing purposes). The Problem was, that the offer didn’t get back in the VLAN. I did see the Request in Wireshark also the offer but there was no Ack. So I had to fix the Firewall / VLAN Issue and everything worked then. I was just confused, if the config on the Switch was ok, which ist was ;-)

Thank You very much..

Reply