Can't get DHCP address with "ip verify unicast reverse-path"

Answered Question
Jan 6th, 2009
User Badges:

Hey All,


As stated, on my WAN-facing interface on a 3825 I have it set to acquire a DHCP address. It never would get an address, though.


After much troubleshooting I figured it was the "ip verify unicast reverse-path" command. Once I took this off, it got a DHCP address right away.


Now, the strange thing is, Cisco's docs say that command should allow source 0.0.0.0 addresses to enable BOOTP/DHCP to work.


Anyone have any idea why this might be happening for me?

Correct Answer by Richard Burts about 8 years 6 months ago

Graham


I am glad that my response did help you resolve your problem. Feel free to use the "solved" mark on this response.


HTH


Rick

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Richard Burts Tue, 01/06/2009 - 11:09
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Graham


The source address of 0.0.0.0 would be if some device were sending DHCP requests to your interface. But your situation is that you are sending requests to the ISP and they are sending responses. It looks like since the interface does not recognize the source address of the response (which would be the valid next hop address of the ISP device) that RPF is denying the packet. One of the options in RPF is to configure an access list which can specify traffic to accept. Perhaps you should modify your RPF configuration to have an access list and in the access list permit DHCP/bootp responses.


HTH


Rick

graham.fleming Tue, 01/06/2009 - 11:21
User Badges:

Rick, I accidentally rated without saying it solved the issue. If you want to reply with something I'll mark that as "solved".

Correct Answer
Richard Burts Tue, 01/06/2009 - 13:00
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Graham


I am glad that my response did help you resolve your problem. Feel free to use the "solved" mark on this response.


HTH


Rick

Actions

This Discussion