Dhcp relay and option 82 on solaris 10

Similar Messages

• Windows DHCP Server and Linux DHCP Relay Agent

  We are trying to organize a VLAN (say VLAN 1) for guests who must be assigned IP addresses from a DHCP server in a different VLAN (VLAN 2). This DHCP server is configured with two scopes - 172.16.0.0/24 (for VLAN 2) and 172.16.4.0/24 (for the Guests
  VLAN 1). The DHCP server successfully distributes addresses to clients in its VLAN (it has the IP address 172.16.0.2). For the clients in the other VLAN a DHCP Relay Agent has been setup on the router. It is DHCRELAY running on Linux (CentOS) which has
  been configured to accept the DHCPDISCOVER broadcasts coming on the VLAN1 interface of the router and forward these to the DHCP server. The IP address of the VLAN1 interface of the router is 172.16.4.254 and on the VLAN2 interface - 172.16.0.254
  The problem is that the DHCP server won't respond with a DHCPOFFER message to the relay agent. I have traced the frames on the router and on the DHCP server. They arrive on the DHCP server with the correct GIADDR of the relay agent. According to all documentation,
  if a scope has been configured on the DHCP server and it receives a unicast message with the GIADDR set by a relay agent that matches one of the configured scopes, the DHCP server must send a unicast DHCPOFFER to the relay agent. But it doesn't.
  Here is what Wireshark reports (ignore the Destination port unreachable messages, the DHCP service was stopped at the time Wireshark was running)
  When the service is running, there are just DHCPDISCOVERs - no OFFER. You can see that the server has the two scopes configured:
  The relay agent seems to work normally - it forwards the DHCPDISCOVERs to the server continuously (tried many times with ipconfig /renew on the client).
  I read many posts about this problem. Some users had other services running on the DHCP server that used the DHCP port, but I don't have such an issue (you see that when the service is stopped, an ICMP port unreachable is sent which is correct). Others however
  did not find a solution. Am I missing something? Is there something specific when using the DHCRELAY agent from DHCPD? Can I turn on some verbose logging to track this down? Thanks in advance.

  WIth DHCP, there is really nothing to configure. If the Relay Agent/IP Helper is pointing to it, and the VLAN subnet exactly matches the scope subnet, then it should just work.
  What I've seen in the VLAN config is either a static route back to the subnet the DHCP server itself is sitting on is not configured or incorrectly configured, or there are ports blocked (need UDP, too, since that's what DHCP uses to pass the OFFER), and
  other necessary ports are opened, then it should just work.
  Sometimes NIC teaming on the DHCP server will cause it. Not sure. Microsoft doesn't support teaming prior to Windwos 2012, but it doesn't mean that it doesn't work. Don't get me wrong, teaming works nicely, but they just don't support it because they never
  certified the drivers, that's all.
  The issues I've seen with DHCP relays and VLANs in the forums are usually based on misconfigs in the VLAN or ports blocked. Sometimes we'll refer to call Microsoft Support for specific, hands-on assistance. And searching the threads, from what
  I've found that if they did call support, they've never posted back what the problem was based on or the resolution. I can post a couple of them for you to read through, but there were never any response with the actual resolution.
  If you like, you also have the option to contact Microsoft Support. Here's a list of phone numbers if you choose this option:
  http://support.microsoft.com/contactus/
  Ace Fekay
  MVP, MCT, MCITP/EA, MCTS Windows 2008/R2 & Exchange 2007, Exchange 2010 EA, MCSE & MCSA 2003/2000, MCSA Messaging 2003
  Microsoft Certified Trainer
  Microsoft MVP - Directory Services
  Technical Blogs & Videos: http://www.delawarecountycomputerconsulting.com/
  This post is provided AS-IS with no warranties or guarantees and confers no rights.

• 3000 series and Multiple DHCP scopes (DHCP-relay)

  I need to send different DHCP options to users; however, I need to put certain groups in different subnets. Is it possible to setup the concentrator to relay for addresses from different scopes?

  - Configuration
  - System
  - IP Routing
  - DHCP Relay
  a. Enable 'Enabled' checkbox
  b. Select Forward to
  c. Address == 192.168.10.8 255.255.255.0
  - Address Management
  - Assignment
  a. Enable 'Use DHCP'
  - User Management
  - Groups
  - Select 'groupA'
  - Modify Group
  - Click General tab
  - Enter 'DHCP Network Scope' x.x.x.x
  - Select 'groupA'
  - Remove Address Pool
  Now I get the following error:
  118 02/08/2005 13:29:00.720 SEV=3 DHCPDBG/39 RPT=34
  DHCP discover timeout: no response from polled servers (xid 3821297335)
  I can ping the server, and it is serving up this scope to other devices (just not from the concentrator)

• DNS discovery and option 43 in DHCP which is prior

  We have both DNS  and Option 43  contorller discovery ways in one network but they direct to different WCL .
  I just want to know which one is more aggressive to advertise the IP address of controller.
  thank you in advance.

  I need to know what's the procedure for LAP when looking for WLC ? which one will be the first ? DNS looking for option or DHCP option ? 
  thank you
  Scott Fella wrote:Here is a link to the AP's selection process. Also in the link the how the AP will choose which WLC.
  After the LAP completes steps 1 to 5 of the Layer 3 LWAPP WLC Discovery Algorithm, the LAP selects a WLC from the candidate WLC list and sends that WLC an LWAPP join request.
  WLCs embed this important information in the LWAPP discovery response:
  The controller sysName
  The controller type
  The controller AP capacity and its current AP load
  The Master Controller flag
  An AP-manager IP address
  The LAP uses this information to make a controller selection, with use of these precedence rules:
  http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a00806c9e51.shtml#topic3
  Sent from Cisco Technical Support iPhone App

• ASA Hub-and-spoke VPN dhcp-relay

  Hi!
  Have anyone implemented a solution with a hub-and-spoke IPSEC VPN (running ASA) with dhcp relay for the inside clients on the spoke. With the DHCP server on the hub site?
  Normal LAN-LAN IPSEC VPN is a bit cumbersome to configure something like below: 
  SPOKE
  <snip>
  access-list CRYPTO_ALLOWED extended permit ip INSIDE-NETWORKS any
  #ALL INTERNET ACCESS GOES THROUGH THE SPOKE SITE
  access-list CRYPTO_ALLOWED extended permit udp host OUTSIDE_IF_ADDR host HUB_DHCP_SERVER_ADDR eq bootps
  access-list CRYPTO_ALLOWED extended permit udp host OUTSIDE_IF_ADDR host HUB_DHCP_SERVER_ADDR eq bootpc
  nat (INSIDE,OUTSIDE) source static CRYPTO_ALLOWED CRYPTO_ALLOWED destination static OSKO-INTERNET OSKO-INTERNET route-lookup
  dhcprelay DHCP-SERVER outside
  dhcprelay enable INSIDE
  dhcprelay setroute INSIDE
  dhcprelay timeout 60
  HUB
  <snip>
  access-list CRYPTO_ALLOWED_TO_SPOKE extended permit ip 0.0.0.0 0.0.0.0 HUB_NETWORKS
  access-list CRYPTO_ALLOWED_TO_SPOKE extended permit udp host HUB_DHCP_SERVER_ADDR host SPOKE_OUTSIDE_ADDR eq 67
  access-list CRYPTO_ALLOWED_TO_SPOKE extended permit udp host HUB_DHCP_SERVER_ADDR host SPOKE_OUTSIDE_ADDR eq 68
  nat (INSIDE,OUTSIDE) source static ANY ANY destination static SPOKE_NETWORKS SPOKE_NETWORKS
  nat (INSIDE,OUTSIDE) source static HUB_DHCP_SERVER_ADDR HUB_DHCP_SERVER_ADDR destination static SPOKE_OUTSIDE_ADDR SPOKE_OUTSIDE_ADDR
  ### HUB INTERNET ACCESS ##
  nat (OUTSIDE,OUTSIDE) source dynamic SPOKE_NETWORKS interface
  I can't really apply this to a hub-and-spoke configuration.
  Any ideas?
  Regards
  Daniel

  Thanks. That's what I thought. I'm trying to configure this a my lab and having trouble though. Here's what I am trying to accomplish: HUB should communication with spoke1 and spoke2 via ipsec vpn using their own internal addresses HUB: 192.100.10.0/24, SPOKE1 10.142.0.0/24, SPOKE2 10.25.0.0/24) Communication between SPOKE1 and SPOKE2 should be nat'ed by the HUB so SPOKE2's addresses appear to be 172.16.128.0/24. SPOKE1's interesting traffic rule will allow the entire 172.16.128.0 255.255.128.0 subnet. Any new SPOKE's will use another subnet of that network. In my head I think I might need to let SPOKE2 NAT it's own traffic before it gets to HUB, but I'm dealing with multiple different devices as spokes so I want to handle everything on the HUB. Ideally the HUB would translate all traffic in both directions so both business partners and clients would only need one supernet in their interesting traffic rules.

• CSVPN 3002 and DHCP Relay

  I saw an answer to this questions back in Jul 2004 that stated DHCP Relay was not supported on the Cisco 3002 HW client. Is this still the case? If not, what version of software must be used to enable this feature?
  Thanks.

  DHCP relay is not supported yet, you could check with the release notes.

• WDS Set up - Help Needed! Airport Extreme with one Relay and one remote

  Hi Guys,
  I need a bit of help. I am feeling quite stupid and frustrated. I am having some difficulty with setting up a WDS network with:
  Base station: Airport extreme (current version)
  Relay: Airport Express (current version)
  Remote: Airport Express (current version)
  I start by cold resetting the three units. The Base station is connected via Ethernet. The setup I wish to get going is a simple base - relay - remote.
  I go through the utility manager and set up the base station, first as "create a wireless network" enter the ISP details etc etc. Its green light. Everything is fine. Then manually configure the Base Station. Hold down option key hit Participate in a WDS. I then select main enter + and add the Mac Id's for the intended Relay unit and Remote Unit (12 character and numeric string). At this stage I am only adding the intended Relay unit and Remote units MAC number.
  Question 1: Do I need to add the base unit's MAC number itself under: WDS Remotes? even I am setting it up as Main?
  I am careful to note the security settings and the the Wireless Network name to match these in the relay and remote set up. Under the Wireless tab I leave the Radio Mode: as Automatic (802.11a/n - 802.11b/g/n). I make sure the base has "allow this network to be extended" ticked. Under Radio Channel selection I edit it to reference channel 1 for 2.4Ghz (5 Ghz leave as Auto). I am careful when setting up the Relay and remote to match the Radio Channel. (Although I tired many channels as I thought maybe interference was a factor and denying the fact its obviously my set up skills as a factor).
  Question 2: Do you need to disable Guest networks? I would think it does not matter as I have tired turning it off and has not made any difference.
  Under Access Control I leave as default, Not enabled.
  Next I hit update and and error message comes up. WDS Error as it can not find other units. Ok fine as the relay and remote are not yet set up. So I ignore and can get to the stage where the base unit is working and green light with an internet connection.
  I then proceed to set up the Relay unit. Doing the same steps as above with a couple of differences being I add the MAC numbers and select the WDS Mode (Relay for Relay and Remote for Remote. I add the Main base station (i.e Airpot Extreme MAC No.) when prompted and then + the Remotes MAC number. The same for the Remote except I only need to add the base station's main no.
  Question 3. Do I need to add the Relay's own MAC number to its own setup? This seems doubtful as with the base station but tired with and without for good measure with no success.
  The 2.4Ghz channels are all set to 1. Radio mode set to Auto. Although even when I try to manually set them to all identical it doesn't seem t help.
  Then the problems begin. The base unit is Green and the Relay and Remote say they are not connected to the internet. I assume since I have not seen a WDS Error message then the units are set up correctly or as I ignored it on the base unit. But when click unignore the error seems to work itself out.
  Question 4. I need help to understand why I have no internet. The remote / relay says something about no IP number and I don't really understand what I should do? Do I need to go back the Airport Utility Manager and start messing about with the TCP/IP, DHCP, NAT ? The base is set up PPPoE and the relay and remote are set to Bridge.
  It is really puzzling me why the relay and remote flash amber with error messages related to the IP number? I have tried turning off the base station and router and then on again but no joy.
  Can anyone please enlighten me or give me a few ideas? I am doing something very obviously stupid and I guess the fix is something simple that I have overlooked.
  I did spend the time and go through the threads and search online, So I am not trying to waste anyone's time I referenced the two links to get a second opinion:
  http://broadcast.oreilly.com/2009/03/taming-an-airport-express-wds.html
  http://www.macobserver.com/tmo/article/settingup_an_airport_relay_with_airportexpress/
  Any help much appreciated!

  Versed wrote:
  I need a bit of help.
  Welcome to Apple's discussion groups.
  My WDS experience is limited to "main" and "remote" configurations (no "relay"), so I'm not posting from direct experience, but below is what I think would work in your case.
  I go through the utility manager and set up the base station, first as "create a wireless network" enter the ISP details etc etc. Its green light. Everything is fine. Then manually configure the Base Station. Hold down option key hit Participate in a WDS. I then select main enter + and add the Mac Id's for the intended Relay unit and Remote Unit
  I don't think the "main" unit needs to be told about the "remote" unit, only about the "relay" unit.
  Question 1: Do I need to add the base unit's MAC number itself under: WDS Remotes? even I am setting it up as Main?
  You'd never enter the MAC address of a unit into its own configuration, if that's what you mean. I also don't think that you'd need to enter the MAC address of the main into the remote and conversely.
  I am careful to note the security settings and the the Wireless Network name to match these in the relay and remote set up. Under the Wireless tab I leave the Radio Mode: as Automatic (802.11a/n - 802.11b/g/n).
  Five things have to match in a WDS configuration: network name, encryption type, network password, band, and channel.
  I make sure the base has "allow this network to be extended" ticked.
  I don't think that's important for a WDS configuration.
  Question 2: Do you need to disable Guest networks?
  I wouldn't think that matters.
  Under Access Control I leave as default, Not enabled.
  That's fine.
  WDS Error as it can not find other units. Ok fine as the relay and remote are not yet set up.
  Right.
  I then proceed to set up the Relay unit. Doing the same steps as above with a couple of differences being I add the MAC numbers and select the WDS Mode (Relay for Relay and Remote for Remote. I add the Main base station (i.e Airport Extreme MAC No.) when prompted and then + the Remotes MAC number. The same for the Remote except I only need to add the base station's main no.
  I think this should be the MAC address of the relay station, not that of the main station.
  Question 3. Do I need to add the Relay's own MAC number to its own setup?
  No.

• DHCP Relay Cisco SG500X

  Hi, 
  I've create 2 vlan in a cisco SG500X-24 and a DHCP server on vlan 2. I just want to dhcp server assign ip to devices on vlan 3. I've configured the vlan and dhcp server relay commands.
  ip dhcp relay address 192.168.1.11
  ip dhcp relay enable
  ip dhcp information option
  interface vlan 2                                      
   ip address 192.168.1.250 255.255.255.0
  interface vlan 3
   ip address 192.168.51.254 255.255.255.0
   ip dhcp relay enable
  The dhcp server gets the request from pc, and sends a new address, but the offer packet not comes to device. With Wireshark a see like offer dhcp packet can't jump to vlan 3.
  It's the first time a work with SMB series, and this never happens with catalyst. I'm turning crazy.
  Anyone can help me? Thank you in advances.
  Victor.

  Hi,
  Yes, also I configured ip dhcp relay on intefaces.
  Yesterday I found the trouble. I was using the tftpd32 dhcp server, and I tested with a Windows DHCP server and everything works like a champ. I didn't know what have do, and i turned crazy, so I began to change every element on solution, finally the DHCP server that it was the key.
  Thank you so much for your answer.
  KR!

• WRVS4400Nv2 DHCP Relay on 2nd VLAN

  Hi,
  Here's what I'm trying to figure out:
  My network is set up such that I have a Wireless Network in VLAN 1, which is the primary network that we use.  The subnet is 10.5.1.x.
  My goal is to set up a completely isolated Guest Wireless Network, however it would work best.  What I am trying to do now is I created a seperate VLAN (VLAN 2, IP range 10.5.2.x) and turned on DHCP on the WRVS4400N.  However, in the Guest Network, it is always picking up a 10.5.1.x IP which is handed out by the DHCP server (10.5.1.5, Win 2003) and still routing all of the traffic to/from our private network.
  Here's What I have set:
  Wireless>Security Settings>Guest Network (SSID 2)
  Wireless Isolation (between SSID w/o VLAN): Enabled
  Wireless Isolation (within SSID): Enabled
  Setup>LAN>VLAN 1
  Router IP 10.5.1.1, WLAN IP 10.5.1.3
  DHCP Relay for 10.5.1.5
  Setup>LAN>VLAN 2
  Router IP 10.5.2.1
  DHCP Enabled for 10.5.2.x subnet
  DHCP Relay option is grayed out (not sure why)
  Setup>Advanced Routing
  Inter-VLAN Routing: Disabled
  Any way to solve this would be fine.  I just do not want traffic routing through our internal network.  Ideally, if I could get the Windows server to hand out 10.5.2.x addresses, that would be perfect, but I'm not sure how to configure it for such. 
  If anyone has any ideas, that'd be great- thanks!
  Matt

  Yes...here's an answer I got from Cisco's Engineering support:
  The issue you reported is a know issue.
  Engineering and development are aware of this issue, and have provided  the following information:
  PROBLEM DESCRIPTION:
  If the WRVS4400N is configured with multiple VLANs, and these VLANs are  mapped to different SSID, the user cannot use an external DHCP server to  provide IP scopes for these VLANs.
  Hosts connected to both SSID will obtain IP address from native DHCP  server only.
  The workaround for this is to use the embedded DHCP server for all VLANs  defined on the WRVS4400N.
  Note: This is not considered a bug but rather a product limitation. The  developer has confirmed the WRVS4400N is functioning as designed.
  Regarding a fix:
  Due to wireless and trunk switch port using different chip set, it is  not possible to provide a fix for this issue.
  In future product, Engineering & Dev teams will strive to use the  same chip set (same vendor). 
  This functionality has been targeted for next new Product.  No fix will  be made on the current hardware. 
  Note: If this feature/function is mission critical to your deployment,  and you would like to recover the cost of the WRVS4400N, please forward  the serial number and a copy of the proof of purchase, and we will  gladly provide a refund.
  Best regards,
  Alex Delano

• PXE with IP Helpers/DHCP Relay

  I'm a Sysadmin and I have a question about what is best practice in regards to PXE servers. We are currently using DHCP Options for PXE clients (options 66,67). This works for most clients but is not the recommended method from either of the vendors we have used (Microsoft or Symantec). They recommend using IP Helpers / DHCP relay to forward the DHCP discover request to the PXE servers so that the PXE server is getting the actual request. This is more of an issue now with UEFI-based machines where the boot file would be different based on if the client is UEFI.
  My Network team is against using IP Helpers and thinks it can cause issues. This doesn't seem to make much sense to me, as from what I understand, all that happens is both the DHCP server and the PXE servers get the DHCP discover and respond with their relevant info. Can someone clarify what, if any, issues there are using multiple IP helpers/DHCP relay with PXE Servers like SCCM & Altiris? Is this not standard practice?

  It's very common to use DHCP relays (IP helpers) in order to centralize DHCP infrastructure. Larger organizations will frequently use this approach in order to avoid having to manually edit DHCP configurations at the router or switch level. Having a few servers with a central DHCP configuration for all segments is a good management proposition.
  In most environments, there isn't a problem with doing this, but it is a major architectural consideration and not something you just turn on without consideration. This is largely because DHCP works on a broadcast principle. The clients are going to broadcast for the first DHCP server that answers with an acceptable offer, which they will take. If you have a mixture of local DHCP servers and relays, the local servers will respond faster and may not provide the configuration you want to deploy... at best. At worst, you will have a mix of acceptable responses and a lot of potential for conflicting addresses. On any network segment where you're using DHCP relays, the local server needs to be disabled.
  It might be worthwhile going back to your network team and asking what sorts of "issues" that they feel the implementation of DHCP relays would cause. There may be something unique to your environment that makes them reluctant to pursue this approach.

• SGE2000 DHCP Relay Issue

  I am looking for some help with DHCP Relay on a SGE2000 switch.
  I have configured two VLANs on the switch, VLAN2 (192.168.10.x/24) and VLAN3 (192.168.9.x/24). I have the switch in Layer 3 mode. I have configured the DHCP relay server of 192.168.10.4 and the DHCP Interfaces as VLAN3. All of the IP Static Routes were generated by the switch.
  If I put a client computer on a port that is Untagged VLAN 3 and try to get a DHCP address from the server on an Untagged VLAN 2 port I never get a response back.
  I have done some packet captures and here is what I have found:
  I see the DHCP broadcast on the client computer
  I see the DHCP Request on the DHCP server coming from the IP assiged to the switch on VLAN 3 (192.168.9.254)
  I see the DHCP server respond with a DHCP Offer
  The DHCP offer never gets to the client computer
  I can't seem to get a DHCP address to any system not on the same VLAN as the DHCP server. Option 82 is disable and I did try enabling it, which made no difference.
  Any help would be great.
  Thanks,
  Phil

  Hi phil,
  Have you created a static route on the DHCP server that points back to the 192.168.9.0/24 network.
  The gateway for that network,  from the DHCP relay servers perspective,  is the VLAN2 IP address of the SGE2000 switch.
  i would think that if you tried to ping the VLAN3 switch  IP address from the DHCP server now,  you will not get a reply.
  When you create a static or persistant route in the DHCP server,   you then should be able to ping VLAN3 IP address of the switch.
  regards Dave

• DHCP Relay Server

  Has anyone successfully setup Server 2.2.2 to hand out IP addresses on multiple subnets? I have several VLANs and I'd like to have the server handout the addresses so I can manage them all from a single spot.
  My router has a DHCP relay option so I've told it to forward DHCP requests to the server. I setup the subnets I have in the Server App and started the service. When I have a client make a DHCP request, the log shows that it recieves the request and makes an offer but the offer never makes it to the client. The server is handing out addresses in the proper subnets but for some reason the client does not recieve the offer.
  In wireshark, this is what I see:
  Src: 10.33.1.254 --> Dst: 10.33.1.16 --> DHCP Request
  Src: 10.33.1.16   --> Dst: 10.33.110.254 --> DHCP Offer
  10.33.1.254 is the router on VLAN1 and 10.33.110.254 is the router on VLAN380 (where the client is). The server is offering addresses in the 10.33.110.0 subnet like I want it to. Do I have a misconfiguration in the server or the router?

  Well.. as far as I know what you are asking is not possible... :(
  Did it help?

• How to configure Dhcp relay agent

  How I can to configure the wrt54g like a dhcp relay agent? please i need help, tell me

  A DHCP relay agent is any host that forwards DHCP packets between clients and servers. Relay agents are used to forward requests and replies between clients and servers when they are not on the same physical subnet. Relay agent forwarding is distinct from the normal forwarding of an IP router, where IP datagrams are switched between networks somewhat transparently. By contrast, relay agents receive DHCP messages and then generate a new DHCP message to send out on another interface. The relay agent sets the gateway address (giaddr field of the DHCP packet) and, if configured, adds the relay agent information option in the packet and forwards it to the DHCP server. The reply from the server is forwarded back to the client after removing option .

• DHCP relay issues - WLC4400 series

  Hi all,
  I'm experiencing some strange problems with my WLC 4400 – and hope you guys can give me a hand.
  There is an issue while connecting a WLAN Client to the WLC for the first time. I pinpointed the source of the problem to the dhcp, but I wondering why this happens…
  As stated above – the issue occurs only during the first time registration of a WLAN client with the WLC. If I do another registration right after the failed connection attempt, the session is established and I can start working in my network environment.
  Because we use 802.1x authentication, my first idea was that there is an issue – but the authentication process completes successfully.
  Another debug for the dhcp process showed an issue during the initial registration process. I'll paste an extract of the NOT working connection attempt below (DHCP DISCOVER msg and DHCP OFFER msg passed successfully – I'll focus on the DHCP REQUEST msg):
  ###### Extract one ######
  Tue Mar  9 09:51:31 2010: 00:21:6a:00:35:9c dhcpProxy: Received packet: Client 00:21:6a:00:35:9c
                          DHCP Op: BOOTREQUEST(1), IP len: 303, switchport: 29, encap: 0xec03
  Tue Mar  9 09:51:31 2010: 00:21:6a:00:35:9c dhcp option len, including the magic cookie = 67
  Tue Mar  9 09:51:31 2010: 00:21:6a:00:35:9c dhcp option: received DHCP REQUEST msg
  Tue Mar  9 09:51:31 2010: 00:21:6a:00:35:9c dhcp option: skipping option 61, len 7
  Tue Mar  9 09:51:31 2010: 00:21:6a:00:35:9c dhcp option: requested ip = 10.64.153.66
  Tue Mar  9 09:51:31 2010: 00:21:6a:00:35:9c dhcp option: server id = 1.1.1.1
  Tue Mar  9 09:51:31 2010: 00:21:6a:00:35:9c dhcp option: skipping option 12, len 12
  Tue Mar  9 09:51:31 2010: 00:21:6a:00:35:9c dhcp option: vendor class id = MSFT 5.0 (len 8)
  Tue Mar  9 09:51:31 2010: 00:21:6a:00:35:9c dhcp option: skipping option 55, len 12
  Tue Mar  9 09:51:31 2010: 00:21:6a:00:35:9c dhcpParseOptions: options end, len 67, actual 67
  Tue Mar  9 09:51:31 2010: 00:21:6a:00:35:9c dhcpProxy: dhcp request, client: 00:21:6a:00:35:9c:
                          dhcp op: 1, port: 29, encap 0xec03, old mscb port number: 29
  Tue Mar  9 09:51:31 2010: 00:21:6a:00:35:9c Determing relay for 00:21:6a:00:35:9c
                                                                                                          dhcpServer: 10.49.143.8, dhcpNetmask: 0.0.0.0,
                          dhcpGateway: 0.0.0.0, dhcpRelay: 0.0.0.0  VLAN: 0
  Tue Mar  9 09:51:31 2010: 00:21:6a:00:35:9c Relay settings for 00:21:6a:00:35:9c
                                                                                                          Local Address: 0.0.0.0, DHCP Server: 10.49.143.8,
                          Gateway Addr: 10.64.153.1, VLAN: 0, port: 29
  Tue Mar  9 09:51:31 2010: 00:21:6a:00:35:9c dhcpProcessPacket return an error,chaddr: 00:21:6a:00:35:9c
  The process stops working after the last line above. The client reports connection successfully, but no IP address was assigned to the client. A second connection attempt was successful (again – I'll focus on the dhcp REQUEST msg – ignoring DISCOVER, OFFER and ACK msg):
                          DHCP Op: BOOTREQUEST(1), IP len: 303, switchport: 29, encap: 0xec03
  Tue Mar  9 09:53:02 2010: 00:21:6a:00:35:9c dhcp option len, including the magic cookie = 67
  Tue Mar  9 09:53:02 2010: 00:21:6a:00:35:9c dhcp option: received DHCP REQUEST msg
  Tue Mar  9 09:53:02 2010: 00:21:6a:00:35:9c dhcp option: skipping option 61, len 7
  Tue Mar  9 09:53:02 2010: 00:21:6a:00:35:9c dhcp option: requested ip = 10.64.153.66
  Tue Mar  9 09:53:02 2010: 00:21:6a:00:35:9c dhcp option: server id = 1.1.1.1
  Tue Mar  9 09:53:02 2010: 00:21:6a:00:35:9c dhcp option: skipping option 12, len 12
  Tue Mar  9 09:53:02 2010: 00:21:6a:00:35:9c dhcp option: vendor class id = MSFT 5.0 (len 8)
  Tue Mar  9 09:53:02 2010: 00:21:6a:00:35:9c dhcp option: skipping option 55, len 12
  Tue Mar  9 09:53:02 2010: 00:21:6a:00:35:9c dhcpParseOptions: options end, len 67, actual 67
  Tue Mar  9 09:53:02 2010: 00:21:6a:00:35:9c dhcpProxy: dhcp request, client: 00:21:6a:00:35:9c:
                          dhcp op: 1, port: 29, encap 0xec03, old mscb port number: 29
  Tue Mar  9 09:53:02 2010: 00:21:6a:00:35:9c Determing relay for 00:21:6a:00:35:9c
                                                                                                          dhcpServer: 10.49.143.8, dhcpNetmask: 0.0.0.0,
                          dhcpGateway: 0.0.0.0, dhcpRelay: 10.64.153.6  VLAN: 300
  Tue Mar  9 09:53:02 2010: 00:21:6a:00:35:9c Relay settings for 00:21:6a:00:35:9c
                                                                                                          Local Address: 10.64.153.6, DHCP Server: 10.49.143.8,
  The major difference seems to be in line 16:
  Not Working:
                          dhcpGateway: 0.0.0.0, dhcpRelay: 0.0.0.0  VLAN: 0
  Working:
                          dhcpGateway: 0.0.0.0, dhcpRelay: 10.64.153.6  VLAN: 300
  For me it seems that the WLC is not able to forward this request to the appropriate dhcp server.
  Does anyone of you have an idea, why this happens? And why does this happen only during the first time login of every client? Or am I misinterpreting the debug output?!
  Thx a lot in advance!
  Cheers
  Martin

  Hi,
  thx for your comment so far.
  I did some additional troubleshooting yesterday and I guess I fixed the problem. The management interface was configured with two dhcp server IPs (0.0.0.0 and 1.1.1.1).
  Within the Cisco documentation it is stated that the dhcp relay proxy feature uses a virtual IP 1.1.1.1.
  0.0.0.0    seems to be used for the internal communication.
  When I changed the dhcp address (primary & secondary) to IP 1.1.1.1 the problem was solved. We tested it yesterday evening and this morning.
  My assumption is that the virtual 1.1.1.1 IP is mandatory to match the dhcp responses to the proxy relaying feature. Or the WLC uses the DHCP addresses on the management interface to forward the traffic to the appropriate feature (where 1.1.1.1 triggers the proxy feature and 0.0.0.0 is used to forward the traffic to the internal dhcp service). But this is just a guesswork – I do not know the Cisco WLAN good enough to provide a valuable explanation.
  Cheers
  Martin

• DHCP Server & DHCP Relay on the same box

  Hi,
  I was wondering if there was any tricky way to have both the DHCP server and DHCP Relay present at the same time and have router use Relay option before local DHCP pool?
  I must say that both DHCP Pool and "ip helper address" command serve the same interface. By default, router will look for locally available pools and send DHCPOFFER by itself without relaying the DHCPDISCOVER to a remote DHCP server, so incoming interface takes precedence over DHCP-relay option and I was wondering if you could tweak that...
  Thanks,
  David

  Well.. as far as I know what you are asking is not possible... :(
  Did it help?