1841/ IP helper

Unanswered Question
Apr 8th, 2009


I have a client which is having problems with his DHCP.

There is a trunk configured with 2 subinterfaces, both with encapsulation and 2 ip helper addresses.

The client sees only 1 DHCP pool working.

Is there a known problem on this kind of router?

I never have problems with this type of config on 8xx series.

I know that the on board interfaces on the 1841 are no switchports.

Both vlan's exist. Routing and connectivity is ok. When fixed addresses are used the setup works. So the only prob is DHCP.

This is the used config on my router:

interface FastEthernet0/1.2

encapsulation dot1Q 2

ip address y.y.y.y

ip helper-address z.z.z.z

no ip proxy-arp

no cdp enable


interface FastEthernet0/1.1000

encapsulation dot1Q 1000

ip address x.x.x.x

ip access-group 111 in

ip helper-address z.z.z.z no ip proxy-arp

no cdp enable


Thank you for the help.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Paolo Bevilacqua Wed, 04/08/2009 - 23:29

You should be fine with that config.

Just remember, when routing from vlan 2 to 1000, never expect full FE performances.

Richard Burts Thu, 04/09/2009 - 12:21


Your original post tells us that only one works, but it does not tell us which one. Knowing that might be helpful.

Not knowing which one works, I would guess that it might be vlan 1000. I notice that it has access-group 111 in. Can you post access list 111? My guess is that the access list is not permitting the DHCP request from the client.



americain Sun, 04/12/2009 - 11:44

Hi Rick

Indeed, it is vlan 1000 which is not working.

But after a few tests and changing the configs I forgot to put back acl 111 on the first subinterface.

ACL 111 is now configured on the first interface as well and this still works.

Normally it is configured on both subinterfaces. This ACL only prevents traffic to our backbone.

There is no line for a deny on source addresses configured on the interfaces.

The strange thing is that this setup works initially but the lease never gets renewed. The DHCP server is a windows machine and the lease time is 7 days.

The problem here is that it is not easy to troubleshoot since the server is in another customers network.

The server is pingable from both subinterfaces and routing works fine with fixed IP addresses.

Thanks for your input and sorry for the late response.


thotsaphon Sun, 04/12/2009 - 11:50


Please show us what ACL_111 looks like.

I would have the following commands in ACL_111.

permit udp any any eq bootps

permit udp any any eq bootpc



americain Mon, 04/13/2009 - 03:20

Hi Toshi

I see no hits on the deny statements in acl 111.

A few days ago I allready added a extra acl for udp packets.

But the customer hasn't been on-site since then and thus the network is still configured with static addresses.

So it is not yet possible to see what is going on.

I was thinking that maybe somebody allready has encountered this kind of problem and knew a solution.

So I could allready explain what was going on and decide if it is a router config(my prob) or a windows server prob(customer prob).




This Discussion