1841/ IP helper

americain · ‎04-08-2009

Hello

I have a client which is having problems with his DHCP.

There is a trunk configured with 2 subinterfaces, both with encapsulation and 2 ip helper addresses.

The client sees only 1 DHCP pool working.

Is there a known problem on this kind of router?

I never have problems with this type of config on 8xx series.

I know that the on board interfaces on the 1841 are no switchports.

Both vlan's exist. Routing and connectivity is ok. When fixed addresses are used the setup works. So the only prob is DHCP.

This is the used config on my router:

interface FastEthernet0/1.2

encapsulation dot1Q 2

ip address y.y.y.y 255.255.255.224

ip helper-address z.z.z.z

no ip proxy-arp

no cdp enable

!

interface FastEthernet0/1.1000

encapsulation dot1Q 1000

ip address x.x.x.x 255.255.255.224

ip access-group 111 in

ip helper-address z.z.z.z no ip proxy-arp

no cdp enable

!

Thank you for the help.

paolo bevilacqua · ‎04-08-2009

You should be fine with that config.

Just remember, when routing from vlan 2 to 1000, never expect full FE performances.

americain · ‎04-09-2009

Hey

Thanks for the input.

No other suggestions?

Thanks

Fred

Richard Burts · ‎04-09-2009

Fred

Your original post tells us that only one works, but it does not tell us which one. Knowing that might be helpful.

Not knowing which one works, I would guess that it might be vlan 1000. I notice that it has access-group 111 in. Can you post access list 111? My guess is that the access list is not permitting the DHCP request from the client.

HTH

Rick

HTH

Rick

americain · ‎04-12-2009

Hi Rick

Indeed, it is vlan 1000 which is not working.

But after a few tests and changing the configs I forgot to put back acl 111 on the first subinterface.

ACL 111 is now configured on the first interface as well and this still works.

Normally it is configured on both subinterfaces. This ACL only prevents traffic to our backbone.

There is no line for a deny on source addresses configured on the interfaces.

The strange thing is that this setup works initially but the lease never gets renewed. The DHCP server is a windows machine and the lease time is 7 days.

The problem here is that it is not easy to troubleshoot since the server is in another customers network.

The server is pingable from both subinterfaces and routing works fine with fixed IP addresses.

Thanks for your input and sorry for the late response.

Fred

Thotsaphon Lueangwattanaphong · ‎04-12-2009

Fred,

Please show us what ACL_111 looks like.

I would have the following commands in ACL_111.

permit udp any any eq bootps

permit udp any any eq bootpc

HTH,

Toshi

americain · ‎04-13-2009

Hi Toshi

I see no hits on the deny statements in acl 111.

A few days ago I allready added a extra acl for udp packets.

But the customer hasn't been on-site since then and thus the network is still configured with static addresses.

So it is not yet possible to see what is going on.

I was thinking that maybe somebody allready has encountered this kind of problem and knew a solution.

So I could allready explain what was going on and decide if it is a router config(my prob) or a windows server prob(customer prob).

Thanks

Fred