I was wondering if anyone could offer some advice/help/clues etc for this problem.
Within the network I administer I use DNS to dish out the wpad script to enable internet access. Recently a couple of new proxy servers were installed and in a attempt to not bloat the original script any further I decided create a new script to issue the wpad config to hosts through the DHCP server using option 252. (What does this have to do with Cisco?) Well from within the segment where the DHCP server is I am able to receive option 252 however from any other VLAN I fail to receive option 252, according to wireshark, I am using ip-helper-address on each VLAN. This is the odd part, I do get option 252 when I run ipconfig /renew from a segment without the DHCP on it…..
Hardware; 6509 chassis with a SUP720 MSFC3 running 12.2(14)SX2
- You have multiple vlans. Somewhere, the router with the SVI for these VLANs has "ip dhcp-helper address a.b.c.d" where a.b.c.d is the ip address of your DHCP Server.
- Your DHCP server sees DHCP requests from clients on other VLANs?
- Clients on the same VLAN as the DHCP server get the response with option 252.
- Clients on other VLANs do NOT get responses with option 252?
Your statement is slightly contradictory when you say:
"Well from within the segment where the DHCP server is I am able to receive option 252 however from any other VLAN I fail to receive option 252"
"This is the odd part, I do get option 252 when I run ipconfig /renew from a segment without the DHCP on it"
So it is slightly confusing.
Do clients on the "other" VLANs get IP addresses, but not the option 252 field? If you run a full packet dump on a client in another VLAN during the DHCP (ipconfig /renew) process, do you see it getting option 252?
I would highly recommend turning other DHCP servers off and only testing with the one you are interested in using (even if it is just filtering it at the routing interface ACL) to make sure another server isn't responding faster than this one. If you have a host on a segment with ip dhcp-helper address assigned, it will still take the first DHCP response which could come from someplace else (depending on your network setup).
Please clarify a little and we'll try to help further.
Thanks for the replies, I'll try and answer those points.
1). Yes the core router has many VLAN's all configured with the same ip-helper-address a.b.c.d (I only have two DHCP servers on the network)
2). The DHCP server does see the requests from hosts in other VLAN's
3). Clients on the same segment get option 252 in the every DHCP ACK from the DHCP server
4). Clients in other segments which use the DHCP relay do not get option 252 in the DHCP ACK when booting up or if the network cable is unplugged and plugged back in again, however they do get option 252 when I manually run "ipconfig /renew".
It sounds odd, because we know DHCP works when you manually do it. Are you using portfast on the switchports to the hosts? Is it possible the DHCP is getting lost while the port is going through listening and learning spanning-tree functions?
If you sniff the host and DHCP server simultaneously, and you unplug the cable and plug it back in... what happens? Does the packet get to the DHCP server or does it just never arrive? Something else seems to be amiss.
Try putting a host on a port with spanning-tree portfast on it and testing if you haven't already.
Good point about portfast, the switchport was running spanning-tree portfast.
The packet trace from wireshark shows a DHCP ACK packet with various DHCP options; default gateway, domain etc however it's missing option 252 unless I manually force a renew. The packets are getting from the client to the server and back but the packet is missing the important option. I know there is a command to enable the DHCP relay client to forward option 82 "ip dhcp relay information trust-all" which does suggest the relay client could drop some data from the packet in transit. I cannot understand why when I manually force the renew I do get option 252...........
This sounds like a DHCP configuration thing... I recall at some point there was a difference between a totally new request (where the IP is released, then requested, as in ipconfig /renew) and a gratuitous DHCP request (ie you unplug the cable, then plug it in, and your system asks for an IP again) where the original IP was never relinquished to the DHCP server by the host.
My gut feeling is that this isn't related to your Cisco config whatsoever. I have a feeling this is entirely related to your DHCP server config in some way. I know that isn't comforting in any way.
I searched online and saw someone say this works great on XP but not on Vista, as well. What OS platforms have you tried?
There is a difference in Windows DHCP server between a "refresh" and an "acquire" function in DHCP. I just checked with a guru.
I would say, if you can, stop and restart DHCP services and test again. There is a possibility that the server has cached some stuff from before you set the 252 option. See if things are better after a clean restart of the server/services.
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.