Unsolved
This post is more than 5 years old
6 Posts
0
39742
DHCP Relay 62xx Switches
I have three 62xx (2-6248 and 1-6224) switches that serve as my core network. Each switch is in a different building or different floor and they are connected using CX4 or XFP 10GB links. I am new to VLANs and I am experimenting with a test VLAN at the moment. Currently everything is in a flat architecture in the native VLAN 1.
For this test I successfully created two VLANs on one 6248 (in the server room) and the 6224 in the downstairs wiring closet. I put the 10Gb link between the two into general mode and allowed traffic from VLAN 1,40 and 125. The 6248 in the server room will serve as my layer 3 device to route between the VLANs and I have routing enabled on that switch. I put one port on the 6224 into access mode on VLAN 40. I also moved the management VLAN for the 6224 to 125. If I statically assign an IP address to a test machine connected to the single access port on the 6224, I can ping the gateway interface on the 6248 for both VLANs as well as the management interface of the 6224. My problem comes in when I try to get DHCP to work on this box. I can't get my test machine on the access port to get an IP address from our DHCP server. I have created a scope on that server for that subnet and I have setup the helper-address to point to the DHCP server on the L3 device.
When I look in the logs on the 6248 I see where the DHCP request arrives on VLAN 40 but the switch gives the following error.
DHCP client message received on port 1/0/49 VLAN 40 from client 00:26:b9:d7:c6:ee has seconds field set to 0. Value is less than the minimum 60. Dropping.
What does this mean and how would you go about troubleshooting this?
My DHCP server is on VLAN 1 and I know that the 62xx switches do not route on VLAN 1. Is that part of the problem or is there a configuration issue here?
DELL-Willy M
802 Posts
0
July 10th, 2013 11:00
You need to take a look at the IP helper command it allows the relay of DHCP packets to the network where the DHCP server is located. Otherwise the DHCP traffic will be dropped if there is no DHCP server in that specific VLAN.
Page 711 starts the discussion about IP helper in the CLI User Guide found below.
ftp://ftp.dell.com/Manuals/all-products/esuprt_ser_stor_net/esuprt_powerconnect/powerconnect-6248_Reference%20Guide_en-us.pdf
Brad-Overstreet
6 Posts
0
July 10th, 2013 13:00
I have tried the IP helper. I configured the helper globally to send DHCP to the DHCP server address. After that I configured it for just VLAN 40 and finally I configured it in both places. None of which worked. Below is a copy of the config from the 6248.
show run
!Current Configuration:
!System Description "PowerConnect 6248, 3.3.7.2, VxWorks 6.5"
!System Software Version 3.3.7.2
!Cut-through mode is configured as disabled
!
configure
gvrp enable
vlan database
vlan 40,125
vlan routing 40 1
vlan routing 125 2
exit
snmp-server location "Main Building - Second Floor - Room 201"
snmp-server contact "Brad Overstreet"
hostname "101-2-201-PC6248-1"
sntp unicast client enable
sntp client poll timer 1024
sntp server 192.168.200.17
clock summer-time recurring USA zone "CDT"
clock timezone -6 minutes 0 zone "CST"
stack
member 1 2
exit
ip address 192.168.200.83 255.255.255.0
ip default-gateway 192.168.200.90
ip domain-name automationtool.com
ip name-server 192.168.200.17
ip name-server 192.168.200.19
ip routing
bootpdhcprelay minwaittime 60
ip helper-address 192.168.200.17 time
ip helper-address 192.168.200.19 time
ip helper-address 192.168.200.17 dhcp
ip helper-address 192.168.200.17 ntp
ip helper-address 192.168.200.19 ntp
interface vlan 40
name "TEST"
routing
ip address 172.31.40.1 255.255.255.0
ip helper-address 192.168.200.17 dhcp
exit
interface vlan 125
name "Management"
routing
ip address 192.168.125.1 255.255.255.0
exit
ip ssh server
!
interface ethernet 1/g1
channel-group 9 mode auto
exit
!
interface ethernet 1/g2
channel-group 9 mode auto
exit
!
interface ethernet 1/g3
channel-group 11 mode auto
exit
!
interface ethernet 1/g4
channel-group 11 mode auto
exit
!
interface ethernet 1/g5
channel-group 10 mode auto
exit
!
interface ethernet 1/g6
channel-group 10 mode auto
exit
!
interface ethernet 1/g7
channel-group 10 mode auto
exit
!
interface ethernet 1/g8
channel-group 10 mode auto
exit
!
interface ethernet 1/g9
channel-group 8 mode auto
exit
!
interface ethernet 1/g10
channel-group 8 mode auto
exit
!
interface ethernet 1/g11
channel-group 8 mode auto
exit
!
interface ethernet 1/g12
channel-group 8 mode auto
exit
!
interface ethernet 1/g13
channel-group 7 mode auto
exit
!
interface ethernet 1/g14
channel-group 7 mode auto
exit
!
interface ethernet 1/g15
channel-group 7 mode auto
exit
!
interface ethernet 1/g16
channel-group 7 mode auto
exit
!
interface ethernet 1/g17
channel-group 6 mode auto
exit
!
interface ethernet 1/g18
channel-group 6 mode auto
exit
!
interface ethernet 1/g19
channel-group 6 mode auto
exit
!
interface ethernet 1/g20
channel-group 6 mode auto
exit
!
interface ethernet 1/g21
channel-group 5 mode auto
exit
!
interface ethernet 1/g22
channel-group 5 mode auto
exit
!
interface ethernet 1/g23
channel-group 5 mode auto
exit
!
interface ethernet 1/g24
channel-group 5 mode auto
exit
!
interface ethernet 1/g25
channel-group 4 mode auto
exit
!
interface ethernet 1/g26
channel-group 4 mode auto
exit
!
interface ethernet 1/g27
channel-group 4 mode auto
exit
!
interface ethernet 1/g28
channel-group 4 mode auto
exit
!
interface ethernet 1/g29
channel-group 3 mode auto
exit
!
interface ethernet 1/g30
channel-group 3 mode auto
exit
!
interface ethernet 1/g31
channel-group 3 mode auto
exit
!
interface ethernet 1/g32
channel-group 3 mode auto
exit
!
interface ethernet 1/g33
channel-group 2 mode auto
exit
!
interface ethernet 1/g34
channel-group 2 mode auto
exit
!
interface ethernet 1/g35
channel-group 2 mode auto
exit
!
interface ethernet 1/g36
channel-group 2 mode auto
exit
!
interface ethernet 1/g37
channel-group 1 mode auto
exit
!
interface ethernet 1/g38
channel-group 1 mode auto
exit
!
interface ethernet 1/g39
channel-group 1 mode auto
exit
!
interface ethernet 1/g40
channel-group 1 mode auto
exit
!
interface ethernet 1/g41
channel-group 13 mode auto
exit
!
interface ethernet 1/g42
channel-group 13 mode auto
exit
!
interface ethernet 1/g43
channel-group 13 mode auto
exit
!
interface ethernet 1/g44
channel-group 13 mode auto
exit
!
interface ethernet 1/g45
channel-group 12 mode auto
exit
!
interface ethernet 1/g46
channel-group 12 mode auto
exit
!
interface ethernet 1/g47
channel-group 12 mode auto
exit
!
interface ethernet 1/g48
channel-group 12 mode auto
exit
!
interface ethernet 1/xg1
gvrp enable
gvrp vlan-creation-forbid
gvrp registration-forbid
switchport mode general
switchport general allowed vlan add 40,125 tagged
exit
!
interface port-channel 2
description 'ATCSQL'
exit
!
interface port-channel 3
description 'ATCNS2'
exit
!
interface port-channel 4
description 'ATCACCT'
exit
!
interface port-channel 5
description 'PC5324-1'
exit
!
interface port-channel 6
description 'PC5324-2'
exit
!
interface port-channel 7
description 'PC5324-3'
exit
!
interface port-channel 8
description 'ATCMAIL2'
exit
!
interface port-channel 9
description 'ATCNS1'
switchport mode general
switchport general allowed vlan add 40 tagged
exit
!
interface port-channel 10
description 'NEWSQL'
exit
!
interface port-channel 11
description 'ATCCRM'
exit
!
interface port-channel 12
description 'ATCFPS2'
exit
!
interface port-channel 13
description 'ATCFPS1'
exit
snmp-server group DefaultRead v3 noauth notify Default read Default write Default
exit
DELL-Willy M
802 Posts
0
July 10th, 2013 15:00
I currently do not see a port with access mode for VLAN 40 in the configuration that you provided. You may need to set portfast on the port that you are trying to get DHCP addressing. If the messages are timing out then portfast should help cut down on the STP convergence and allow the port to go into a forwarding state.
Brad-Overstreet
6 Posts
0
July 10th, 2013 16:00
The port that is in access mode is on the 6224. It communicates with the 6248 over the VLAN trunk (1/xg1). The configuration of the 6224 is shown below. Note that port 1/xg1 is configured as the trunk port on the 6224 as well. Also note that 1/g23 is the port set to access mode.
!Current Configuration:
!System Description "PowerConnect 6224, 3.3.7.2, VxWorks 6.5"
!System Software Version 3.3.7.2
!Cut-through mode is configured as disabled
!
configure
vlan database
vlan 40,125
exit
snmp-server location "Main Building - First Floor - Room 117"
snmp-server contact "Brad Overstreet"
hostname "101-1-117-PC6224-1"
sntp unicast client enable
sntp client poll timer 1024
sntp server 192.168.200.17
sntp server 192.168.200.19 priority 2
clock summer-time recurring USA zone "CDT"
clock timezone -6 minutes 0 zone "CST"
stack
member 1 1
exit
ip address 192.168.125.85 255.255.255.0
ip default-gateway 192.168.125.1
ip address vlan 125
ip domain-name automationtool.com
ip name-server 192.168.200.17
ip name-server 192.168.200.19
logging file info
router rip
auto-summary
default-metric 1
exit
interface vlan 40
name "TEST"
exit
interface vlan 125
name "Management"
exit
!
interface ethernet 1/g1
channel-group 1 mode auto
exit
!
interface ethernet 1/g2
channel-group 1 mode auto
exit
!
interface ethernet 1/g3
channel-group 1 mode auto
exit
!
interface ethernet 1/g4
channel-group 1 mode auto
exit
!
interface ethernet 1/g7
channel-group 4 mode auto
exit
!
interface ethernet 1/g8
channel-group 4 mode auto
exit
!
interface ethernet 1/g9
channel-group 4 mode auto
exit
!
interface ethernet 1/g10
channel-group 4 mode auto
exit
!
interface ethernet 1/g11
channel-group 5 mode auto
exit
!
interface ethernet 1/g12
channel-group 5 mode auto
exit
!
interface ethernet 1/g13
channel-group 5 mode auto
exit
!
interface ethernet 1/g14
channel-group 5 mode auto
exit
!
interface ethernet 1/g15
channel-group 6 mode auto
exit
!
interface ethernet 1/g16
channel-group 6 mode auto
exit
!
interface ethernet 1/g17
channel-group 6 mode auto
exit
!
interface ethernet 1/g18
channel-group 6 mode auto
exit
!
interface ethernet 1/g23
spanning-tree portfast
switchport access vlan 40
exit
!
interface ethernet 1/xg1
gvrp enable
gvrp vlan-creation-forbid
gvrp registration-forbid
switchport mode general
switchport general allowed vlan add 40,125 tagged
exit
!
interface port-channel 1
description 'MB_1_117_PC5448_3'
exit
!
interface port-channel 4
description 'MB_1_117_PC5448_1'
exit
!
interface port-channel 5
description 'MB_1_117_PC5448_2'
exit
!
interface port-channel 6
description 'ATCBACKUP'
exit
exit
Brad-Overstreet
6 Posts
0
July 11th, 2013 10:00
Ok I have been using Wireshark to inspect the network traffic. I modified the configuration of the 6248 switch so that IP helper-address was defined only for the specific VLAN where it was needed. I confirmed via Wireshark that the DHCP discover broadcast is making it to the DHCP server and that the server is sending an offer out. However it appears that the offer is never making it back to the client computer.
Is this happening because the DHCP server is in the native VLAN and the 6248 will not route packets in this VLAN or do I have a configuration issue?
DELL-Willy M
802 Posts
1
July 11th, 2013 11:00
From the interface ethernet 1/g23 can you ping the DHCP server successfully? When you have a static IP set for VLAN 40.
I do not see the IP helper set in the above configuration. The DHCP packets will not traverse outside off the switch
console(config)#ip helper enable
To relay both DHCP and DNS packets to 192.168.30.1, use the following commands:
console#config
console(config)#ip helper enable
console(config)#interface vlan 5
console(config-if-vlan5)#ip helper-address 192.168.30.1 dhcp
console(config-if-vlan5)#ip helper-address 192.168.30.1 dns
I typed the above out earlier and got delayed on posting it. I see your response came in about wireshark and VLAN 1. The management VLAN is not routable on the 6200 model switches. I would avoid using VLAN 1 for any traffic when you have multiple VLANs set up.