Forgot password?
 Register now

Welcome to use this form to feedback your problems with Ruijie Community

The category of your feedback

Your Feedback

Your Email address (optional):

Troubleshooting DHCP Reply

Crystal

Level 1

Troubleshooting DHCP
12474 1 2018-4-9 10:18:24
Original
Client workstations fail to obtain IPaddress or obtain incomplete information (for example, obtain only IP addresswithout DNS information).
Choose Start> Control Panel > Network and Sharing Center, and clickthe local connection for activating a network interface card.
You can also choose Start > Run, andinput cmd in the dialog box, andthen input ipconfig /all in the cmd command line window.
Identify the fault symptom.

0 2018-4-9 19:05:44 View all replies
Possible Causes
1) The PC or operating system is faulty.
2) The environment has problems (such asloops or attacks)
The physical link is disconnected.
3) The device configurations are incorrector improper, mainly including:
The DHCP Snooping trust interface isincorrect configured.
The VLAN allocation on the switch isincorrect and the IP address of the layer-3 interface is not configured on theDHCP server.
The relay function is not enabled on thelayer-3 interface.
No IP address pool is configured on theDHCP server or the IP address pool is configured with excluded addresses, whichcauses that no available IP addresses in the IP address pool.
The lease time configured for the DHCPserver is too long, and no IP addresses can be released.
The network segment configuration for theIP address pool of the DHCP server is incorrect.
The switches are not enabled with DHCP.
4) The performance of the DHCP server isinadequate.
5) The software version has defects.
6) The DHCP architecture is incorrect:
When the DHCP relay and DHCP Snooping aredeployed on the network of the customer, the enabling positions are improper,which causes that the client cannot obtain DHCP normally.
Cause: The DHCP relay will modify thesource MAC address (modify to the MAC address of the dhcp relay) of a DHCPpacket sent by the PC. If the DHCP relay is deployed before dhcp snoopingdevice, the DHCP packet will be discarded by the snooping device.
Correct architecture deployment:
(1) Deploy the DHCP Snooping and DHCP relayfunction on the same device, eg, PC – Device(deploy DHCPSnooping and DHCP Relay simultaneously)–Device(deploy DHCP Server).
(2) Deploy DHCP Snooping on the downlinkdevice of the DHCP relay, eg,PC -- Device(deploy DHCP Snooping) -- Device(deployDHCP Relay) -- Device(deploy DHCP Server).

Troubleshooting Procedure
Step 1: Check the client and operatingsystem.
Step 2: Check the network environment.
Step 3: Check whether the network deviceconfigurations are correct.
Step 4: Check whether the performance ofthe DHCP server is adequate.
Step 5: Check the software versions ofnetwork devices.
Step 6: Collect information and contactruijie post-sale for help.
Step1: Check the client and operating system.
1. Identify the fault symptom and checkwhether the client is configured to dynamically obtain IP addresses. As shownin the following picture.
                              
2. Check whether a single client or manyclients fail to obtain IP addresses automatically. If many clients fail toobtain IP addresses, go to the next step.
If thisfault occurs only on a single client, you can install packet capturing softwareon the PC, or perform mirroring and packet capturing on the access switch tocheck whether the PC sends DHCP discover packets normally.
If not,you can attempt to disable and then enable the network interface card. For adiskless system, it is recommended to make a diskless server system.
If DHCPdiscover packets can be normally sent, retain the packets captured and go tothe next step.
Step2: Check the network environment.
1. Check whether the physical link between the client andserver is normal.
Configurethe PC to use a static IP address and gateway. If you are sure that the switchis not configured with the IP source-guard function, ping the IP address of theserver to check the connection. If the IP address can be successfully pinged,the delay is smaller than 100ms, and no packet loss or jitter occurs, itindicates that the connection is normal, namely, the physical link is notfaulty. Go to the next step for fault locating. If the IP address fails to bepinged, the delay is large, or packet loss occurs, it indicates that thephysical link is faulty or the server is unstable due to environment problems.In this case, you need to perform packet capturing from the client to the DHCPserver node by node to identify the cause for the packet loss or large delay.
2. Check whether the link is disconnected. If yes,correctly connect the interfaces. Check whether the route of the devices iscorrect. If not, adjust the route.
If thefault persists, check whether the CPU usages of the switches along the routeare high, especially when a device is used as the DHCP server. If the CPU usageof a switch is high, locate the cause by using <<>>.
If thefault still persists, go to the next step.
Step3: Check whether the configurations of network deviceare correct.
In a DHCP network, devices are classifiedinto the DHCP relay, DHCP server and DHCP Snooping. DHCP Snooping ensures DHCPsecurity and prevents static IP configuration, which can be used together withDAI to prevent ARP spoofing. A device may have one or more roles in the network(forexample, a device can be configured as dhcp server and dhcp snoopingsimultaneously). Check whether the basic configurations are correct by usingthe following methods.
1. Login to an access switch through the Console port, and then run the show run command to display theconfigurations.
2. Compare the following typical configurations tocheck whether the DHCP configurations of the device are correct.
Recommendedconfigurations when a Ruijie switch is used as a DHCP server:
1)     Enable DHCP.
         Ruijie(config)#service dhcp
         /*DHCP must be configured onthe switch.*/
2)     Configure the DHCP addresspool.
         Ruijie(config)#ip dhcp pool vlan2   
         /*Create a DHCP address poolnamed valn2.*/
         Ruijie(dhcp-config)#lease 1 2 3   
         /*1, 2 and 3 indicate one day, tow hours and three minutes respectively.The default period for releasing the IP address of a Ruijie switch is 24hours.*/
         Ruijie(dhcp-config)#network 192.168.2.0255.255.255.0   
         /*The IP addresses that canbe assigned are in the range of 192.168.2.1~192.168.2.253.*/
         Ruijie(dhcp-config)#dns-server8.8.8.8  6.6.6.6      
         /*8.8.8.8 is the primary DNSand the 6.6.6.6 is the secondary DNS.*/
         Ruijie(dhcp-config)#default-router 192.168.2.254  
         /*Configure the gateway IP address.*/
         Ruijie(dhcp-config)#exit
         Ruijie(config)#ip dhcp pool vlan3
         Ruijie(dhcp-config)#network 192.168.3.0255.255.255.0
         Ruijie(dhcp-config)#dns-server8.8.8.8
         Ruijie(dhcp-config)#default-router 192.168.3.254
         Ruijie(dhcp-config)#exit
3)     Reserve certain IP addresses.
         Ruijie(config)#ip dhcp excluded-address192.168.2.1 192.168.2.10   
         /*The IP addresses 192.168.2.1~~192.168.2.10 will not be assigned toclients.*/
4)     Configure the DHCP IPaddresses to be statically assigned.
     Ruijie(config)#ip dhcp pool test
     Ruijie(dhcp-config)# client-identifier01bc.aec5.4bca.8d   
         /*Add the Ethernet flag 01 to the fixed MAC:bcae.c54b.ca8d, which will be01bc.aec5.4bca.8d.*/
     Ruijie(dhcp-config)# host 192.168.2.2255.255.255.0  
         /*Configure IP address andmask.*/
     Ruijie(dhcp-config)# dns-server 8.8.8.86.6.6.6   
         /*Configure primary DNS8.8.8.8 and secondary DNS 6.6.6.6.*/
     Ruijie(dhcp-config)# default-router 192.168.2.254  
         /*Assigned gateway.*/
         Ruijie(dhcp-config)#ip dhcpexcluded-address 192.168.1.1 192.168.1.100
         /*The 100 IP addresses 1.1---1.100 areexcluded and cannot be assigned.*/
5)     Recommended configurationswhen a Ruijie switch is used as a DHCP relay:
Enable DHCP.
         Ruijie(config)#service dhcp
Configure the DHCP relay.
         Ruijie(config)#ip helper-address 172.16.1.2   
         /*172.16.1.2 is the IP address of the DHCP server.*/
Notes

n  A DHCPrelay must be configured if the DHCP server and the user gateway are not in thesame network segment. This configuration example does not include theconfiguration of a layer-3 interface. Generally, the relay is configured on alayer-3 gateway either based on a layer-3 interface or globally in the system.If the relay (ip helper-address) is configured both based on the layer-3interface and globally in the system, the relay IP address configured based onthe interface is used as the server IP address in priority; However, globalconfiguration is sufficient.
n  Aswitch will put the IP address of the layer-3 interface into DHCP packets asthe relay IP address and convert the packets into unicast packets. Generally(except that the DHCP server is configured with IP address assignment based onthe Option field), the DHCP server assigns an IP address in the same segment asthe relay IP address to a PC. On a layer-2 switch (such as S21 switch), onlyone management IP address segment is activated by default; therefore, it is notrecommended to enable the relay configuration except for IP address assignmentin the DHCP Option field.
Recommendedconfigurations when a Ruijie switch is used as a DHCP Snooping:
EnableDHCP Snooping on an access switch.
Ruijie(config)#ipdhcp snooping     
/*Enable DHCP Snooping.*/
Configurethe interface for connecting to the DHCP server as a trust interface.
          Ruijie(config)#int FastEthernet0/24
Ruijie(config-FastEthernet0/24)#ip dhcp snooping trust
/*All interfaces of a switch enabled with DHCP Snooping are untrustinterfaces by default. The switch forwards only DHCP response packets (offer,ACK and NAK) received from a trust interface.Therefore, you must ensure thatthe interface for connecting to the DHCP server in the uplink is enabled withtrust.*/
          Configure the dhcp snooping ver mac-address command in global configuration mode.
              Ruijie(config)#ip dhcp snoopingverify mac-address
/*It is recommended to enable prevention against IP address exhaustionattacks. If the source MAC addresses are not matched with MAC addresses in theClient field, DHCP request packets will be discarded.*/
Notes

n  Forother optional configurations such as preventing users from manually setting IPaddresses and preventing ARP spoofing, refer to the settings in the TypicalConfiguration Cases About Ruijie Middle- and Low-End Switches. When faultsoccur, ensure that users can obtain IP addresses by using the simplestconfigurations.
                  
3.Check whether the DHCP configurations ofthe device are correct based on the preceding typical configurations andwhether users can obtain IP addresses dynamically by using the simplestconfigurations.
Focuson the following configurations in checking:
·       The trust interface of theDHCP Snooping is configured only on the uplink interface. If it is notconfigured, add the trust configuration of the uplink interface.
·       Ensure that the VLANscorresponding to the user network segments are correctly assigned on the switchand that the network segments corresponding to layer-3 interfaces are withinthe IP address pool on the DHCP server and are not configured as excluded IPaddresses (ip dhcp excluded-address. If they are configured as excluded IPaddresses, there will be no IP addresses in this segment that can be assignedin the IP address pool.)
·       If the DHCP server and theuser gateway are not in the same network segment, ensure that the relayfunction is enabled based on a layer-3 interface or globally. Check whetherthere is a route between the relay and server. If yes, ensure that the route isnormal.
·       For scenarios that arefrequently changed such as the hotel industry, it is recommend you set thelease period within 24 hours to avoid that IP addresses cannot be released dueto long lease period of the DHCP server.
·       The network segmentconfigurations of the gateway and DNS corresponding to the IP address pool ofthe DHCP server must be correct.
If thefault still persists, go to the next step.
Step4: Check whether the performance of the DHCP server isadequate.
1. Check whether the capacity andperformance of the DHCP server are exceeded.
2. Check whether there are available IPaddresses in the address pool.
Run theshow ip dhcp server statisticscommand to check whether there are available IP addresses in the address pool.
Ifthere are no available IP addresses, run the clear ip dhcp conflict command to check whether there are IPaddresses that have expired and whether the IP addresses and the interface IP addressesare in the same network segment.
Ifthere are no IP addresses that have expired, run the show ip dhcp conflict command to check whether there are IPaddresses in conflict, which causes that the IP addresses are unavailable. Ifmany entries are found, you can run the clearip dhcp conflict command for clearing and then check whether there are IPaddresses in conflict by obtaining IP addresses.
Afterthe preceding steps are completed, if there are no IP addresses that areavailable, have been expired and are in conflict in the address pool, itindicates that the IP addresses in the address pool are exhausted.
3. Increase available IP addresses in theaddress pool.
Step5: Collect fault information and submit the case tothe service portal.
If the fault still persists, collect thefollowing information (recorded operation results and logs) and submit thefault to the service portal (case.ruijienetworks.com) for further handling.
showrunn
showlog
showdhcp lease
show ipdhcp binding
show ipdhcp conflict
show ipdhcp server statistics
Collect thelogs recorded during fault locating, and packets captured when the clientobtains IP address via DHCP server.

Related Posts
Product Model

Share this topic to

Cancel

This site contains user submitted content, comments and opinions and is for informational purposes only. Ruijie may provide or recommend responses as a possible solution based on the information provided; every potential issue may involve several factors not detailed in the conversations captured in an electronic forum and Ruijie can therefore provide no guarantee as to the efficacy of any proposed solutions on the community forums. Ruijie disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Ruijie Community Terms of Use.

More ways to get help: Visit Support Videos, call us via Service Hotline, Facebook or Live Chat.

©2000-2023 Ruijie Networks Co,Ltd