Smart questions
Smart answers
Smart people
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Member Login




Remember Me
Forgot Password?
Join Us!

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips now!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

Join Tek-Tips
*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.
Jobs from Indeed

Link To This Forum!

Partner Button
Add Stickiness To Your Site By Linking To This Professionally Managed Technical Forum.
Just copy and paste the
code below into your site.

orionpex (IS/IT--Management) (OP)
5 Feb 11 22:00

Hi all,


I have an issue, and need some assistance with solving it. I am attempting to use a Vlan as for public DHCP via my ISP.

I have multiple IP's from ISP and would like use that VLAN as sort of a dump switch per say. For better understanding here is my setup.


I created Vlan6 on my 3550.
I added fastE ports 0/44 through 0/48 to that Vlan.
I then plugged port fastE 0/48 to the my cable modem.
I then plugged four devices that I wish to pull public DHCP IP's to fastE's 0/44 through 0/47.


I configured vlan6 as "ip address DHCP"


Now I'm not sure if there are any other configs that I would need to add.

Please assist.  
VinceWhirlwind (TechnicalUser)
6 Feb 11 18:08
You made those interfaces "Untagged" in VLAN6?
 
Are you sure the cable modem is configured to not terminate the connection to the ISP itself?
orionpex (IS/IT--Management) (OP)
6 Feb 11 23:54
Not sure what you mean by "UNTAGGED". But I am only using the one VLAN and have not created a trunk of any kind. I'm mainly trying to pull DHCP address through that VLAN.


As far as the the terminating connection to the ISP can you elaborate on what you mean.  
imbadatthis (TechnicalUser)
7 Feb 11 10:01
if im reading this correctly then yeah that SHOULD work. the c3550 doesn't do NAT but you are saying that your ISP is providing you with a block of publicly routed IP addresses.

so as long as you have:

CODE

switchport mode access
switchport access vlan 6

as your minimum code that should work fine.
You might want to look into setting up at least an IPS of some sort if you dont have any though. at least some access-lists defining what kind of traffic is allowed in / out.

cheers,
 

We must go always forward, not backward
always up, not down and always twirling twirling towards infinity.
 

baddos (MIS)
7 Feb 11 11:34
If they are sending you dhcp, you probably need to add a default route from it if you want it to do routing as well.

ip route 0.0.0.0 0.0.0.0 dhcp
orionpex (IS/IT--Management) (OP)
7 Feb 11 12:56

imbadatthis, yes I do have an isp and am being provided multiple IP's. I do have the minimum config as identified, however I am unable to pull an IP on any the devices I plug into any of the ports under the vlan. I pasted a copy of my config below, I am able to get it to work on any port outside of the vlan.

Here is my config
##################

3550.SW#
3550.SW#sh run int vlan 6
Building configuration...

Current configuration : 40 bytes
!
interface Vlan6
 ip address dhcp   <<<<<<<<<<<--------------does not work with or without this option.
end

3550.SW#
3550.SW#sh run int fastEthernet 0/44
Building configuration...

Current configuration : 94 bytes
!
interface FastEthernet0/44
 switchport access vlan 6
 switchport mode access
 shutdown
end

3550.SW#sh run int fastEthernet 0/45
Building configuration...

Current configuration : 84 bytes
!
interface FastEthernet0/45
 switchport access vlan 6
 switchport mode access
end

3550.SW#sh run int fastEthernet 0/46
Building configuration...

Current configuration : 84 bytes
!
interface FastEthernet0/46
 switchport access vlan 6
 switchport mode access
end

3550.SW#sh run int fastEthernet 0/47
Building configuration...

Current configuration : 84 bytes
!
interface FastEthernet0/47
 switchport access vlan 6
 switchport mode access
end

3550.SW#sh run int fastEthernet 0/48
Building configuration...

Current configuration : 84 bytes
!
interface FastEthernet0/48
 switchport access vlan 6
 switchport mode access
end

3550.SW#
###################################


 
VinceWhirlwind (TechnicalUser)
7 Feb 11 17:14
1/ Show us the switch interfaces' config
 
2/ How is the connection to the ISP established (authentication)?
orionpex (IS/IT--Management) (OP)
7 Feb 11 17:45
The switch interface configs are sow before your post via my last post. also the connection to the ISP is through the cable modem, which basically works like this.

A request goes out to the ISP's DHCP server via the cable modem and once and an IP is assigned. previously I had my wireless plugged directly to the cable modem and it pulled an IP fine. Also I as able to pull an IP when I configured one of the fastE's not in a vlan as shown below. What I am trying to do is use the ports in the vlan like a dumb switch/hub.


I was able to pull an IP via this port on the switch with the following config. however I would like to have the devices pull IP's from the ISP through the port.

####################################


3550.SW#sh run int fastEthernet 0/48
Building configuration...

Current configuration : 84 bytes
!
interface FastEthernet0/11
no switchport
ip address DHCP
end
imbadatthis (TechnicalUser)
7 Feb 11 19:47
Im assuming your devices are connected directly to ports 45-47 and are setup as DHCP clients correct?( im not saying 44 because that one shows to be in shutdown state) .

when u do a sh ip int bri does it show vlan 6 as up / up?

 

We must go always forward, not backward
always up, not down and always twirling twirling towards infinity.
 

orionpex (IS/IT--Management) (OP)
7 Feb 11 22:12
Yes that is correct those are the assigned ports and the devices are configured for DHCP addressing.

And yes vlan6 does show as up up.  
VinceWhirlwind (TechnicalUser)
7 Feb 11 23:52
Are you sure DHCP is the first thing that happens when you connect to your ISP? I would expect them to want to authenticate the connection attempt before handing out an IP address.
orionpex (IS/IT--Management) (OP)
8 Feb 11 0:00
Well, I would say then that the authentication would involve the cable modem and not any edge device i connect to it. I identified earlier that my wireless pulled an IP without issue, and I can do the same with any port on the 3550 that does not belong to a vlan.   
imbadatthis (TechnicalUser)
8 Feb 11 17:01
the only thing i can think of is that you added ip address dhcp to interface vlan 6 before you performed a no shut and before you added a memeber to said vlan.

cisco admits that sometimes dhcp request does not get sent if that happens.

do this :

int vlan 6
shut down

do not assume that its shut down until the switch tells you it is

then do a 'no shut' that should generate a proper dhcp request for your vlan interface.

CODE

C3550(config-if)#
*Apr 16 04:30:23.348: %LINK-5-CHANGED: Interface Vlan23, changed state to administratively down
*Apr 16 04:30:24.348: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan23, changed state to down
C3550(config-if)#no shut
C3550(config-if)#
*Apr 16 04:30:29.512: %LINK-3-UPDOWN: Interface Vlan23, changed state to up
*Apr 16 04:30:30.512: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan23, changed state to up
C3550(config-if)#
*Apr 16 04:30:30.588: %DHCP-6-ADDRESS_ASSIGN: Interface Vlan23 assigned DHCP address 10.254.23.3, mask 255.255.255.0, hostname c3550

Current configuration : 56 bytes
!
interface Vlan23
 ip address dhcp hostname c3550
end
Interface              IP-Address      OK? Method Status                Protocol
Vlan1                  unassigned      YES NVRAM  up                    up
Vlan6                  unassigned      YES unset  down                  down
Vlan23                 10.254.23.3     YES DHCP   up                    up

 

We must go always forward, not backward
always up, not down and always twirling twirling towards infinity.
 

orionpex (IS/IT--Management) (OP)
9 Feb 11 15:10
Ok I started everything from scratch, and have the config show as below. I did as you stated but still no DHCP allocation. To test it properly and make sure it was not an issue wit my cable/ISP, I plugged the 3550 into my wireless with the following config to see if it will pull an IP. It was unsuccessful, and also noticed the item below the config shown after debugging DHCP.  

CODE

Current configuration : 72 bytes
!
interface Vlan6
 ip dhcp client client-id Vlan6
 ip address dhcp
end

3550.SW#
3550.SW#s run int fast 0/48
Building configuration...

Current configuration : 84 bytes
!
interface FastEthernet0/48
 switchport access vlan 6
 switchport mode access
end

Debug output after config setup.

CODE

3d20h: RAC: DHCP stopped on interface Vlan6
3d20h: %LINK-5-CHANGED: Interface Vlan6, changed state to administratively down
3d20h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan6, changed state to down
3550.SW#
3d20h: DHCP: DHCP client process started: 10
3d20h: RAC: Starting DHCP discover on Vlan6
3d20h: DHCP: Try 1 to acquire address for Vlan6
3d20h: DHCP: allocate request
3d20h: DHCP: new entry. add to queue
3d20h: DHCP: SDiscover attempt # 1 for entry:
3d20h: Temp IP addr: 0.0.0.0  for peer on Interface: Vlan6
3d20h: Temp  sub net mask: 0.0.0.0
3d20h:    DHCP Lease server: 0.0.0.0, state: 1 Selecting
3d20h:    DHCP transaction id: 22BE
3d20h:    Lease: 0 secs,  Renewal: 0 secs,  Rebind: 0 secs
3d20h:    Next timer fires after: 00:00:03
3d20h:    Retry count: 1   Client-ID: 000a.f41a.3d00
3d20h:    Client-ID hex dump: 000AF41A3D00
3d20h:    Hostname: 3550.SW
3d20h: DHCP: SDiscover: sending 287 byte length DHCP packet
3d20h: DHCP: SDiscover 287 bytes
3d20h:             B'cast on Vlan6 interface from 0.0.0.0
3d20h: %LINK-3-UPDOWN: Interface Vlan6, changed state to up
3d20h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan6, changed state to up
3d20h: DHCP: SDiscover attempt # 2 for entry:
3d20h: Temp IP addr: 0.0.0.0  for peer on Interface: Vlan6
3d20h: Temp  sub net mask: 0.0.0.0
3d20h:    DHCP Lease server: 0.0.0.0, state: 1 Selecting
3d20h:    DHCP transaction id: 22BE
3d20h:    Lease: 0 secs,  Renewal: 0 secs,  Rebind: 0 secs
3d20h:    Next timer fires after: 00:00:03
3d20h:    Retry count: 2   Client-ID: 000a.f41a.3d00
3d20h:    Client-ID hex dump: 000AF41A3D00
3d20h:    Hostname: 3550.SW
3d20h: DHCP: SDiscover: sending 287 byte length DHCP packet
3d20h: DHCP: SDiscover 287 bytes
3d20h:             B'cast on Vlan6 interface from 0.0.0.0
3d20h: DHCP: SDiscover attempt # 3 for entry:
3d20h: Temp IP addr: 0.0.0.0  for peer on Interface: Vlan6
3d20h: Temp  sub net mask: 0.0.0.0
3d20h:    DHCP Lease server: 0.0.0.0, state: 1 Selecting
3d20h:    DHCP transaction id: 22BE
3d20h:    Lease: 0 secs,  Renewal: 0 secs,  Rebind: 0 secs
3d20h:    Next timer fires after: 00:00:03
3d20h:    Retry count: 3   Client-ID: 000a.f41a.3d00
3d20h:    Client-ID hex dump: 000AF41A3D00
3d20h:    Hostname: 3550.SW
3d20h: DHCP: SDiscover: sending 287 byte length DHCP packet
3d20h: DHCP: SDiscover 287 bytes
3d20h:             B'cast on Vlan6 interface from 0.0.0.0
3d20h: DHCP: QScan: Timed out Selecting state%Unknown DHCP problem.. No allocation possible
3d20h: DHCP: Waiting for 5 seconds on interface Vlan6
3d20h: DHCP: Try 2 to acquire address for Vlan6
3d20h: DHCP: allocate request
3d20h: DHCP: zapping entry in DHC_PURGING state for Vl6
3d20h: DHCP: new entry. add to queue
3d20h: DHCP: SDiscover attempt # 1 for entry:
3d20h: Temp IP addr: 0.0.0.0  for peer on Interface: Vlan6
3d20h: Temp  sub net mask: 0.0.0.0
3d20h:    DHCP Lease server: 0.0.0.0, state: 1 Selecting
3d20h:    DHCP transaction id: 22BF
3d20h:    Lease: 0 secs,  Renewal: 0 secs,  Rebind: 0 secs
3d20h:    Next timer fires after: 00:00:03
3d20h:    Retry count: 1   Client-ID: 000a.f41a.3d00
3d20h:    Client-ID hex dump: 000AF41A3D00
3d20h:    Hostname: 3550.SW
3d20h: DHCP: SDiscover: sending 287 byte length DHCP packet
3d20h: DHCP: SDiscover 287 bytes
3d20h:             B'cast on Vlan6 interface from 0.0.0.0
3d20h: DHCP: SDiscover attempt # 2 for entry:
3d20h: Temp IP addr: 0.0.0.0  for peer on Interface: Vlan6
3d20h: Temp  sub net mask: 0.0.0.0
3d20h:    DHCP Lease server: 0.0.0.0, state: 1 Selecting
3d20h:    DHCP transaction id: 22BF
3d20h:    Lease: 0 secs,  Renewal: 0 secs,  Rebind: 0 secs
3d20h:    Next timer fires after: 00:00:03
3d20h:    Retry count: 2   Client-ID: 000a.f41a.3d00
3d20h:    Client-ID hex dump: 000AF41A3D00
3d20h:    Hostname: 3550.SW
3d20h: DHCP: SDiscover: sending 287 byte length DHCP packet
3d20h: DHCP: SDiscover 287 bytes
3d20h:             B'cast on Vlan6 interface from 0.0.0.0
3d20h: DHCP: SDiscover attempt # 3 for entry:
3d20h: Temp IP addr: 0.0.0.0  for peer on Interface: Vlan6
3d20h: Temp  sub net mask: 0.0.0.0
3d20h:    DHCP Lease server: 0.0.0.0, state: 1 Selecting
3d20h:    DHCP transaction id: 22BF
3d20h:    Lease: 0 secs,  Renewal: 0 secs,  Rebind: 0 secs
3d20h:    Next timer fires after: 00:00:03
3d20h:    Retry count: 3   Client-ID: 000a.f41a.3d00
3d20h:    Client-ID hex dump: 000AF41A3D00
3d20h:    Hostname: 3550.SW
3d20h: DHCP: SDiscover: sending 287 byte length DHCP packet
3d20h: DHCP: SDiscover 287 bytes
3d20h:             B'cast on Vlan6 interface from 0.0.0.0
3d20h: DHCP: QScan: Timed out Selecting state%Unknown DHCP problem.. No allocation possible
3d20h: DHCP: Waiting for 10 seconds on interface Vlan6
imbadatthis (TechnicalUser)
9 Feb 11 17:09
can you post your full config please?
something is wrong, you are not receiving bootrep pkt.

I have to ask , did you activate the vlan before or after you added ip dhcp client command ?

same configuration gets me:

CODE

C3550(config-if)#no shut
*Apr 17 04:36:57.614: %LINK-5-CHANGED: Interface Vlan23, changed state to administratively down
C3550(config-if)#no shut%Unknown DHCP problem.. No allocation possible
*Apr 17 04:36:57.866: DHCP: Waiting for 60 seconds on interface Vlan121
C3550(config-if)#no shut
*Apr 17 04:36:58.614: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan23, changed state to down
C3550(config-if)#no shut
C3550(config-if)#
*Apr 17 04:37:06.174: DHCP: DHCP client process started: 10
*Apr 17 04:37:06.178: RAC: Starting DHCP discover on Vlan23
*Apr 17 04:37:06.178: DHCP: Try 1 to acquire address for Vlan23
*Apr 17 04:37:06.178: DHCP: allocate request
*Apr 17 04:37:06.178: DHCP: zapping entry in DHC_PURGING state for Vl23
*Apr 17 04:37:06.178: DHCP: deleting entry 2F8D63C 10.254.23.3 from list
*Apr 17 04:37:06.178: DHCP: new entry. add to queue
*Apr 17 04:37:06.178: DHCP: SDiscover attempt # 1 for entry:
*Apr 17 04:37:
C3550(config-if)#06.178: DHCP: SDiscover: sending 293 byte length DHCP packet
*Apr 17 04:37:06.178: DHCP: SDiscover 293 bytes
*Apr 17 04:37:06.182:             B'cast on Vlan23 interface from 0.0.0.0
C3550(config-if)#
*Apr 17 04:37:08.174: %LINK-3-UPDOWN: Interface Vlan23, changed state to up
C3550(config-if)#
*Apr 17 04:37:08.182: DHCP: Received a BOOTREP pkt
*Apr 17 04:37:08.182: DHCP: offer received from 10.254.23.1
*Apr 17 04:37:08.182: DHCP: SRequest attempt # 1 for entry:
*Apr 17 04:37:08.182: DHCP: SRequest- Server ID option: 10.254.23.1
*Apr 17 04:37:08.182: DHCP: SRequest- Requested IP addr option: 10.254.23.4
*Apr 17 04:37:08.182: DHCP: SRequest placed lease len option: 86400
*Apr 17 04:37:08.182: DHCP: SRequest: 311 bytes
*Apr 17 04:37:08.182: DHCP: SRequest: 311 bytes
*Apr 17 04:37:08.186:
C3550(config-if)#            B'cast on Vlan23 interface from 0.0.0.0
*Apr 17 04:37:08.190: DHCP: Received a BOOTREP pkt
*Apr 17 04:37:09.174: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan23, changed state to up
C3550(config-if)#
*Apr 17 04:37:11.190: DHCP Client Pooling: ***Allocated IP address: 10.254.23.4
*Apr 17 04:37:11.302: Allocated IP address = 10.254.23.4  255.255.255.0
 

We must go always forward, not backward
always up, not down and always twirling twirling towards infinity.
 

orionpex (IS/IT--Management) (OP)
9 Feb 11 17:47
No I actually added the command to the vlan interface prior to activating the vlan. I then added the fastE to the vlan, yet still no success. I keep getting this in the debug output "B'cast on Vlan6 interface from 0.0.0.0%Unknown DHCP problem.. No allocation possible"


Below is the running config


CODE

3550.SW#sh run
Building configuration...

Current configuration : 8367 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname 3550.SW
!
!
username admin password 7 ???????????????
username cisco password 7 ???????????????
!
!

ip subnet-zero
ip routing
no ip domain-lookup
!
ip dhcp snooping vlan 6
!
!

!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
!
!
!
interface Loopback0
 no ip address
!
interface FastEthernet0/1
 no switchport
 ip address 192.168.1.10 255.255.255.252
!
interface FastEthernet0/2
 no switchport
 ip address 192.168.0.3 255.255.255.0
!
interface FastEthernet0/3
 no switchport
 ip address 192.168.1.13 255.255.255.252
!
interface FastEthernet0/4
 description Lab Pod 4 Gateway
 no switchport
 ip address 172.20.20.13 255.255.255.252
 speed 100
 duplex full
!
interface FastEthernet0/5
 description Dynamips Lab Pod 5 Gateway
 no switchport
 ip address 172.20.20.17 255.255.255.252
 speed 100
 duplex full
!
interface FastEthernet0/6
 description Dynamips Lab Pod 6 Gateway
 no switchport
 ip address 172.20.20.21 255.255.255.252
 speed 100
 duplex full
!
interface FastEthernet0/7
 description Dynamips Lab Pod 7 Gateway
 no switchport
 ip address 172.20.20.25 255.255.255.252
 speed 100
 duplex full
!
interface FastEthernet0/8
 description Dynamips Lab Pod 8 Gateway
 no switchport
 ip address 172.20.20.29 255.255.255.252
 speed 100
 duplex full
!
interface FastEthernet0/9
 description Dynamips Lab Pod 9 Gateway
 no switchport
 ip address 172.20.20.33 255.255.255.252
 speed 100
 duplex full
!
interface FastEthernet0/10
 switchport mode dynamic desirable
!
interface FastEthernet0/11
description DHCP-TEST
 no switchport
 ip address dhcp
!
interface FastEthernet0/12
 switchport mode dynamic desirable
!
interface FastEthernet0/13
 switchport mode dynamic desirable
!
interface FastEthernet0/14
 switchport mode dynamic desirable
!
interface FastEthernet0/15
 switchport mode dynamic desirable
!
interface FastEthernet0/16
 switchport mode dynamic desirable
 shutdown
!
interface FastEthernet0/17
 switchport mode dynamic desirable
 shutdown
!
interface FastEthernet0/18
 switchport mode dynamic desirable
 shutdown
!
interface FastEthernet0/19
 switchport mode dynamic desirable
 shutdown
!
interface FastEthernet0/20
 switchport mode dynamic desirable
 shutdown
!
interface FastEthernet0/21
 switchport mode dynamic desirable
 shutdown
!
interface FastEthernet0/22
 switchport mode dynamic desirable
 shutdown
!
interface FastEthernet0/23
 switchport mode dynamic desirable
 shutdown
!
interface FastEthernet0/24
 switchport mode dynamic desirable
 shutdown
!
interface FastEthernet0/25
 switchport mode dynamic desirable
 shutdown
!
interface FastEthernet0/26
 switchport mode dynamic desirable
 shutdown
!
interface FastEthernet0/27
 switchport mode dynamic desirable
 shutdown
!
interface FastEthernet0/28
 switchport access vlan 5
 switchport mode access
 shutdown
!
interface FastEthernet0/29
 switchport mode dynamic desirable
 shutdown
!
interface FastEthernet0/30
 switchport mode dynamic desirable
 shutdown
!
interface FastEthernet0/31
 switchport mode dynamic desirable
 shutdown
!
interface FastEthernet0/32
 switchport mode dynamic desirable
 shutdown
!
interface FastEthernet0/33
 switchport mode dynamic desirable
 shutdown
!
interface FastEthernet0/34
 switchport mode dynamic desirable
 shutdown
!
interface FastEthernet0/35
 switchport mode dynamic desirable
 shutdown
!
interface FastEthernet0/36
 switchport mode dynamic desirable
 shutdown
!
interface FastEthernet0/37
 switchport mode dynamic desirable
 shutdown
!         
interface FastEthernet0/38
 switchport mode dynamic desirable
 shutdown
!
interface FastEthernet0/39
 switchport mode dynamic desirable
 shutdown
!
interface FastEthernet0/40
 switchport mode dynamic desirable
 shutdown
!
interface FastEthernet0/41
 switchport mode dynamic desirable
 shutdown
!
interface FastEthernet0/42
 switchport mode dynamic desirable
 shutdown
!
interface FastEthernet0/43
 switchport mode dynamic desirable
 shutdown
!
interface FastEthernet0/44
 switchport mode dynamic desirable
 shutdown
!
interface FastEthernet0/45
 switchport mode dynamic desirable
!
interface FastEthernet0/46
 switchport mode dynamic desirable
!
interface FastEthernet0/47
 switchport mode dynamic desirable
!
interface FastEthernet0/48
 switchport access vlan 6
 switchport mode access
!
interface GigabitEthernet0/1
 description 1 Gig Uplink from 2950 Switch# 1
 switchport mode access
 speed nonegotiate
!
interface GigabitEthernet0/2
 description 1 Gig Uplink from 2950 Switch# 2
 switchport mode access
 speed nonegotiate
!
interface Vlan1
 no ip address
!
interface Vlan2
 no ip address
!
interface Vlan3
 no ip address
!
interface Vlan4
 ip address 10.40.0.1 255.255.0.0
!
interface Vlan5
 ip address 10.50.0.1 255.255.0.0
!
interface Vlan6
 ip dhcp client client-id Vlan6
 ip address dhcp
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.0.1
ip http server
ip http secure-server
!
!

control-plane
!

!
line con 0
 exec-timeout 300 0
 privilege level 15
 password 7 1511021F0725
 login authentication LOCAL
line vty 0 4
 exec-timeout 300 0
 privilege level 15
 password 7 1511021F0725
line vty 5 15
 exec-timeout 30 0
 password 7 112A1016141D
!
ntp clock-period 17180539
ntp peer 192.168.1.231
ntp peer 192.168.1.50
end

3550.SW#   
imbadatthis (TechnicalUser)
9 Feb 11 19:17
dude!!!!!

DHCP snooping is a DHCP security feature that provides security by filtering untrusted DHCP messages and by building and maintaining a DHCP snooping binding table. An untrusted message is a message that is received from outside the network or firewall and that can cause traffic attacks within your network.

CODE

ip dhcp snooping vlan 6

here ya go ;
http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.1/13ew/configuration/guide/dhcp.html#wp1073367
 

We must go always forward, not backward
always up, not down and always twirling twirling towards infinity.
 

orionpex (IS/IT--Management) (OP)
10 Feb 11 16:38
Ok I see what your seeing, and so I removed the snooping configuration on the box. Now I'm trying to rebuild the vlan and add all associated interfaces afterward.

let me see how it goes.
orionpex (IS/IT--Management) (OP)
10 Feb 11 20:58
imbadatthis,

man I attempted the whole thing all over again, and even erased the running config and started fresh without any trace of the dhcp snooping items. I ten created the vlan, then created the vlan interface and added the dhcp setting to it. I then edited the fastE port and added to the. the vlan was then no shut. and I watched the debug. I am still receiving the error message. still seeing the same output and error messages.  
orionpex (IS/IT--Management) (OP)
11 Feb 11 11:03
ok I managed to get my firewall to pull a dynamic ip through the vlan from my wireless router as a test. Now what I need to understand is that you managed to pull dynamip IP to your vlan23 that you pasted in one of your post. would you mind pasting your config, so I can see if I am missing something.  
imbadatthis (TechnicalUser)
11 Feb 11 14:13
do this :

int vlan 6
shut down

do not assume that its shut down until the switch tells you it is

then do a 'no shut' that should generate a proper dhcp request for your vlan interface.

CODE

C3550(config-if)#
*Apr 16 04:30:23.348: %LINK-5-CHANGED: Interface Vlan23, changed state to administratively down
*Apr 16 04:30:24.348: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan23, changed state to down
C3550(config-if)#no shut
C3550(config-if)#
*Apr 16 04:30:29.512: %LINK-3-UPDOWN: Interface Vlan23, changed state to up
*Apr 16 04:30:30.512: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan23, changed state to up
C3550(config-if)#
*Apr 16 04:30:30.588: %DHCP-6-ADDRESS_ASSIGN: Interface Vlan23 assigned DHCP address 10.254.23.3, mask 255.255.255.0, hostname c3550

Current configuration : 56 bytes
!
interface Vlan23
 ip address dhcp hostname c3550
end
Interface              IP-Address      OK? Method Status                Protocol
Vlan1                  unassigned      YES NVRAM  up                    up
Vlan6                  unassigned      YES unset  down                  down
Vlan23                 10.254.23.3     YES DHCP   up                    up

We must go always forward, not backward
always up, not down and always twirling twirling towards infinity.
 

imbadatthis (TechnicalUser)
11 Feb 11 14:13
orionpex, i know it seems like a minor thing... buuuuut you keep adding the IP dhcp client command BEFORE YOU bring the vlan up.

do this :

int vlan 6
shut down

do not assume that its shut down until the switch tells you it is

then do a 'no shut' that should generate a proper dhcp request for your vlan interface.

CODE

C3550(config-if)#
*Apr 16 04:30:23.348: %LINK-5-CHANGED: Interface Vlan23, changed state to administratively down
*Apr 16 04:30:24.348: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan23, changed state to down
C3550(config-if)#no shut
C3550(config-if)#
*Apr 16 04:30:29.512: %LINK-3-UPDOWN: Interface Vlan23, changed state to up
*Apr 16 04:30:30.512: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan23, changed state to up
C3550(config-if)#
*Apr 16 04:30:30.588: %DHCP-6-ADDRESS_ASSIGN: Interface Vlan23 assigned DHCP address 10.254.23.3, mask 255.255.255.0, hostname c3550

Current configuration : 56 bytes
!
interface Vlan23
 ip address dhcp hostname c3550
end
Interface              IP-Address      OK? Method Status                Protocol
Vlan1                  unassigned      YES NVRAM  up                    up
Vlan6                  unassigned      YES unset  down                  down
Vlan23                 10.254.23.3     YES DHCP   up                    up

We must go always forward, not backward
always up, not down and always twirling twirling towards infinity.
 

orionpex (IS/IT--Management) (OP)
12 Feb 11 20:35
I tried the shut and no shut, however I still get the same result.
I also rebuilt it all with the vlan being activated first prior to adding the the client command to the vlan. I am thinking that there is a another issue with the DHCP on the device.

######################

here is an output i got 15 min after shutting down the vlan

CODE

3550.sw(config)#
3550.sw(config)#                                             
1d04h: DHCP: Received a BOOTREP pkt Not for us..:  xid: 0xB602B0E1
1d04h: DHCP: Received a BOOTREP pkt Not for us..:  xid: 0xB602B0E1                 
1d05h: DHCP: Received a BOOTREP pkt Not for us..:  xid: 0x77D493DC                       
1d07h: DHCP: Received a BOOTREP pkt Not for us..:  xid: 0x3C891ADC
$                                                                                                                
1d19h: DHCP: Received a BOOTREP pkt Not for us..:  xid: 0x55DA5A1E
1d19h: DHCP: Received a BOOTREP pkt Not for us..:  xid: 0x55D         
1d21h: DHCP: Received a BOOTREP pkt Not for us..:  xid: 0xA8DF4640
1d21h: DHCP: Received a BOOTREP pkt Not for us..:  xid: 0xA8DF4640
1d22h: DHCP: Received a BOOTREP pkt Not for us..:  xid: 0x4434CFF2
1d23h: DHCP: Received a BOOTREP pkt Not for us..:  xid: 0x50DFB5E
1d23h: DHCP: Received a BOOTREP pkt Not for us..:  xid: 0x811CE91A
2d00h: DHCP: Received a BOOTREP pkt Not for us..:  xid: 0xD590C68B
3550.sw(config)#
3550.sw(config)#
3550.sw(config)#
2d03h: DHCP: Received a BOOTREP pkt Not for us..:  xid: 0x7B920838
2d03h: DHCP: Received a BOOTREP pkt Not for us..:  xid: 0x7B920838
3550.sw(config)#
3550.sw(config)#
3550.sw(config)#




Below here is the output right after I no shut the vlan.

CODE


3550.sw(config)#     
2d03h: DHCP: DHCP client process started: 10
2d03h: RAC: Starting DHCP discover on Vlan6
2d03h: DHCP: Try 1 to acquire address for Vlan6
2d03h: DHCP: allocate request
2d03h: DHCP: new entry. add to queue
2d03h: DHCP: SDiscover attempt # 1 for entry:
2d03h: DHCP: SDiscover: sending 279 byte length DHCP packet
2d03h: DHCP: SDiscover 279 bytes
2d03h:             B'cast on Vlan6 interface from 0.0.0.0
2d03h: %LINK-3-UPDOWN: Interface Vlan6, changed state to up
2d03h: DHCP: SDiscover attempt # 2 for entry:
2d03h: DHCP: SDiscover: sending 279 byte length DHCP packet
2d03h: DHCP: SDiscover 279 bytes
2d03h:             B'cast on Vlan6 interface from 0.0.0.0
2d03h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan6, changed state to up
2d03h: DHCP: SDiscover attempt # 3 for entry:
2d03h: DHCP: SDiscover: sending 279 byte length DHCP packet
2d03h: DHCP: SDiscover 279 bytes
2d03h:             B'cast on Vlan6 interface from 0.0.0.0%Unknown DHCP problem.. No allocation possible
2d03h: DHCP: Waiting for 5 seconds on interface Vlan6
2d03h: DHCP: Try 2 to acquire address for Vlan6
2d03h: DHCP: allocate request
2d03h: DHCP: zapping entry in DHC_PURGING state for Vl6
2d03h: DHCP: new entry. add to queue
2d03h: DHCP: SDiscover attempt # 1 for entry:
2d03h: DHCP: SDiscover: sending 279 byte length DHCP packet
2d03h: DHCP: SDiscover 279 bytes
2d03h:             B'cast on Vlan6 interface from 0.0.0.0
3550.sw(config)#
2d03h: DHCP: SDiscover attempt # 2 for entry:
2d03h: DHCP: SDiscover: sending 279 byte length DHCP packet
2d03h: DHCP: SDiscover 279 bytes
2d03h:             B'cast on Vlan6 interface from 0.0.0.0
3550.sw(config)#
3550.sw(config)#
2d03h: DHCP: SDiscover attempt # 3 for entry:
2d03h: DHCP: SDiscover: sending 279 byte length DHCP packet
2d03h: DHCP: SDiscover 279 bytes
2d03h:             B'cast on Vlan6 interface from 0.0.0.0
3550.sw(config)#
3550.sw(config)#
3550.sw(config)#
3550.sw(config)#
3550.sw(config)#
3550.sw(config)#%Unknown DHCP problem.. No allocation possible
2d03h: DHCP: Waiting for 10 seconds on interface Vlan6
2d03h: DHCP: deleting entry 25599CC 0.0.0.0 from list
2d03h: DHCP: Try 3 to acquire address for Vlan6
2d03h: DHCP: allocate request
2d03h: DHCP: zapping entry in DHC_PURGING state for Vl6
2d03h: DHCP: new entry. add to queue
2d03h: DHCP: SDiscover attempt # 1 for entry:
2d03h: DHCP: SDiscover: sending 279 byte length DHCP packet
2d03h: DHCP: SDiscover 279 bytes
2d03h:             B'cast on Vlan6 interface from 0.0.0.0
2d03h: DHCP: SDiscover attempt # 2 for entry:
2d03h: DHCP: SDiscover: sending 279 byte length DHCP packet
2d03h: DHCP: SDiscover 279 bytes
2d03h:             B'cast on Vlan6 interface from 0.0.0.0
2d03h: DHCP: SDiscover attempt # 3 for entry:
2d03h: DHCP: SDiscover: sending 279 byte length DHCP packet
2d03h: DHCP: SDiscover 279 bytes
2d03h:             B'cast on Vlan6 interface from 0.0.0.0
2d03h: DHCP: deleting entry 2E9C574 0.0.0.0 from list%Unknown DHCP problem.. No allocation possible
2d03h: DHCP: Waiting for 15 seconds on interface Vlan6

 
Quadratic (ISP)
15 Feb 11 18:59
Is your service provider doing static DHCP for your public address block? Even off of a modem, more often than not they'll ask you to hard-code the static IPs on your end. Your modem would still be able to pass DHCP discovers/requests to the upstream CMTS, and even lease IPs, but it wouldn't be the IPs you need. Make 100% certain if your ISP is routing a block to you (most likely) or doing static DHCP.
 

CCNP, CCDP, CCIP

imbadatthis (TechnicalUser)
16 Feb 11 9:08
Quadratic, he says he can get IP address through DHCP if he doesn't put both interfaces on vlan 6 which is the confusing part for me.
 

We must go always forward, not backward
always up, not down and always twirling twirling towards infinity.
 

orionpex (IS/IT--Management) (OP)
16 Feb 11 15:20
Correction guys, what I stated is that I can not pull an IP address on the vlan interface as imbadatthis did on his output. It does not work whether I use 1 or all the ports.

fast0/48 <<<- I plugged either into the wireless or the cable modem for testing
fast0/46 <<<- Connection from my firewall
fast0/47 <<<- Connection from my Server
fast0/45 <<- Connection from my TermServer

all of them are assigned to vlan6.
current issue I can not pull an IP address to the vlan interface no matter the setup.


Additionally, I can pull an IP through the Vlan via fastE 0/46 onto my firewalls WAN port. However this only occurs when I plug the 3550 into my wireless and use it.So when I swap the the connection from my wireless directly to the cable modem, I get nothing.

Nevertheless, no matter which format I use, that being wireless or cable modem; I still receive the errors show in the debug output.   
Quadratic (ISP)
27 Feb 11 19:53
Orionpex: Can you confirm 100% what method your service provider expects you to use to connect to their network? Can you confirm if they intend for you to use DHCP, or to hard-code that address yourself? Do whatever method they say is intended, and attempt a laptop test or similar to confirm if you can get any level of connectivity to the intended default gateway, even with the simplest design.


imbadatthis: It's possible for a "static IP customer" to connect to the cable modem and use DHCP to lease a different, dynamic IP.

From the provider's perspective, *usually* you'd set up a static IP customer by assigning the static's default gateway as a secondary IP on the CMTS's cable interface, allowing the customer (or technically anyone connecting on that Cable interface) to use it. Since the modem is effectively just acting as an L2 bridge for the customer equipment, and multiple customers are connecting on a shared broadband segment, technically there's no hard association between a customer's cable modem and their static IP, nor will a modem reject a DHCP attempt to lease a dynamic IP. There are other ways to do it, including static DHCP based on the customer MAC address, but that is more overhead and more rare for a provider to impliment, thus the secondary IP method seems to be the most popular.

Bottom line is that the perceived association between a modem and the static IP assigned to a business *usually* doesn't exist, and is a bit of a misconception.
 

CCNP, CCDP, CCIP

orionpex (IS/IT--Management) (OP)
28 Feb 11 0:39
I bypassed the 3550 and just put a repeater in between the cable modem and equipment which allowed me to pull the addresses on to my equipment. Ultimately the issue seems to be with my 3550, either configuration issue or possible code issue, nevertheless something I need to resolve  
VinceWhirlwind (TechnicalUser)
28 Feb 11 1:33
I'd be putting "portfast" on the switchports, myself.
 
Another thing is - are you getting a link light on fa0/48 when you connect your switch to the cable modem?

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Back To Forum

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close