Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
9126
Views
0
Helpful
8
Replies

Problems with DHCP relay on Catalyst 3560

FredericMarquis
Level 1
Level 1

‎08-05-2010 10:47 AM - edited ‎03-06-2019 12:20 PM

Hello,

We had IOS IPbase installed on our Catalyst 3560G and all our dhcp client were working fine but since we upgraded to Ipservice,  all our linux workstation running Ubuntu were experiencing problems obtaining an IP address from the DHCP.  I noticed something strange while analysing the port with WireShark.:

Bootstrap Protocol
    Message type: Boot Request (1)
    Hardware type: Ethernet
    Hardware address length: 6
    Hops: 0
    Transaction ID: 0x695b3622
    Seconds elapsed: 0
    Bootp flags: 0x0000 (Unicast)
    Client IP address: 0.0.0.0 (0.0.0.0)
    Your (client) IP address: 0.0.0.0 (0.0.0.0)
    Next server IP address: 0.0.0.0 (0.0.0.0)
    Relay agent IP address: 0.0.0.0 (0.0.0.0)
    Client MAC address: WyseTech_74:3c:9f (00:80:64:74:3c:9f)
    Client hardware address padding: 00000000000000000000
    Server host name not given
    Boot file name not given
    Magic cookie: (OK)
    Option: (t=53,l=1) DHCP Message Type = DHCP Discover
        Option: (53) DHCP Message Type
        Length: 1
        Value: 01
    Option: (t=61,l=0) Client identifier
        Option: (61) Client identifier
        Length: 0

The boot flags is set to unicast and the Client identifier is empty.

Cisco IOS show the following error :

Aug  5 13:43:31: DHCPD: option 61 is malformed (option length 0).
Aug  5 13:43:31: DHCPD: invalid DHCP options - unable to parse

Is there a command or anything that would tell the router to route the packet to the DHCP server (Configured with ip-helper address) and ignoring this option?  Disabling this option on Ubuntu is almost impossible.

Thank you

Labels:
0 Helpful
8 Replies 8

vragotha
Level 3
Level 3

‎08-05-2010 12:13 PM

Hi,

  Can you provide a 'show run' and 'show ip dhcp pool'

0 Helpful

FredericMarquis
Level 1
Level 1
In response to vragotha

‎08-05-2010 12:19 PM

No problem.

But the router is NOT the dhcp Server.  It only forward request to the dhcp Server with the command ip helper.  For example :

interface Vlan76
 ip address 10.106.XX.XX 255.255.255.0
 ip helper-address 10.1.XX.XX
 ip helper-address 10.1.XX.XX
 ip helper-address 10.1.XX.XX
end

Here is the result of sh ip dhcp pool :

c3560g-106-1#sh ip dhcp pool

c3560g-106-1#

The config file is attach to this message.

Thank you,

70090-c3560g-test-confg.txt.zip
0 Helpful

FredericMarquis
Level 1
Level 1

‎08-05-2010 01:18 PM

My collegue found this information from http://www.faqs.org/rfcs/rfc1533.html :

9.12. Client-identifier

   This option is used by DHCP clients to specify their unique
   identifier.  DHCP servers use this value to index their database of
   address bindings.  This value is expected to be unique for all
   clients in an administrative domain.

   Identifiers consist of a type-value pair, similar to the

   It is expected that this field will typically contain a hardware type
   and hardware address, but this is not required.  Current legal values
   for hardware types are defined in [22].

   The code for this option is 61, and its minimum length is 2.

   Code   Len   Type  Client-Identifier
   +-----+-----+-----+-----+-----+---
   |  61 |  n  |  t1 |  i1 |  i2 | ...
   +-----+-----+-----+-----+-----+---

The dhcp client is "udhcpc".  I understant that the client does not respect rfc rules.  But,  Cisco should relay the packet to the DHCP server.

0 Helpful

FredericMarquis
Level 1
Level 1
In response to FredericMarquis

‎08-12-2010 07:19 AM

We managed fix the udchpc client.  It no  longer send dhcp request with option 61.

Still,  it does not explain why Cisco does not foward thoses packets.

0 Helpful

Matthew Blanshard
Cisco Employee
Cisco Employee
In response to FredericMarquis

‎08-12-2010 10:43 AM

Hello Frederic,

When DHCP snooping is enabled on the switch the DHCP packets are checked and the packets are held to the RFC standard.  So DHCP snooping would drop this packet due to the invalid option in it.  If you disabled DHCP snooping then this packet would be forwarded normally.

HTH,

-Matt

0 Helpful

Chad Peterson
Cisco Employee
Cisco Employee
In response to Matthew Blanshard

‎08-19-2010 04:29 PM

Actually I am betting you upgraded your IOS from something before 12.2(50)SE to 12.2(50)SE or later.  We added enhancement CSCso19800 which will validate DHCP options when we are a relay agent.

As your option 61 had Leng 0, its invalid and should not be there.

0 Helpful

Matthew Blanshard
Cisco Employee
Cisco Employee
In response to FredericMarquis

‎08-12-2010 10:52 AM

Got posted twice for some reason.

0 Helpful

FredericMarquis
Level 1
Level 1
In response to Matthew Blanshard

‎09-09-2010 07:28 AM

I fixed the udhcpd client.  Everything work nicely now.

But every "no ip dhcp snooping"  i tried never work for this problem.

Thank you for your help.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card