I am currently working through a issue with Cisco TAC but I also thought I would post here to see if anyone could shed some light on the subject.
Currently we have several 831 routers deployed in the field and are moving to the 871 series for advanced features such as VLAN security and Wireless.
I have created a brand new Teleworker configruation that has full DMVPN redundancy, Quality of Service, Mutliple VLAN's for trusted and untrusted network connections... the whole works.
The issue that I am having, is that I cannot consistantly get a DHCP address from the FastEthernet4 interface. When I connect a router with the attached config to my Comcast cable modem at work, it works without a issue. When I take the same router to my house, with a different modem (RCA DCM425C), I cannot get a DHCP address from Comcast. If I reset my cable modem and plug my 831 back in, or my laptop, I get DHCP immediately.
To take it a step further, I attached a hub and ran Sniffer and I see that my Cisco 7960 phone is doing a DHCP discover, and it is being PASSED OUT THE FASTETHERNET4 INTERFACE!??!? Usually the DHCP Discover is local to the voice VLAN that the phone is in.
Also, if I take a virgin Cisco 871 out of the box, run the SDM Wizard, the same things happen, no DHCP address.
Lastly, the only way I can get it to work, is if I unplug all Ethernet devices from the router other then the modem, boot it up, it gets a DHCP address. Then I can attach my phone and my home network switch, and everything works. However, I can watch my cable modem reset about 10+ times a day.
If I attach my Cisco 831, everything works fine. Please help, what am I missing here.
That is one hell of a config for a little 831 does it perform allright, besides your main issue. It just seems like its a fairly large config for such a little box.
I don't see anything specific off the top of my head that should be causing a problem. You could try dropping one of you BVI and configure your ip address on the vlan interface to see if you can get DHCP consistently on it.
Just to reitterate, the configuration is for the new 871's. The config may seem complex, but really it's not that much. It functions great when I can get a DHCP address.
I was thinking about doing exactly what you were saying, and that is dropping the BVI on VLAN1 for testing and then adding the IP to the VLAN and seeing if it works. I'm betting that it does.
The funniest thing is that I don't have this issue on every Comcast cable connection. It works fine in two locations already, but both have surfboard cable modems.
I want to share the config to all once I get it working, since I think it is close to having all a teleworker config could need, short of NAC and Dot1x.
Any word from your TAC case? I'm having the same problem with receiving a DHCP address using a 871. Works great if my local interface is unplugged.
It's good to hear (kind of) that other people are having the same problem. My TAC case has been escalated and I am getting my local SE (an aquantence of mine) involved next week.
You should open a TAC case as well. Maybe this will speed things up. On a side note, my 877's work great!
This is funny. I had the same issue with my 831 not getting an IP address from Charter Cable. I worked for almost a year then all of a sudden would not accept an IP anymore. I had them replace the modem twice to no avail. I tested from different DHCP server on my network and it worked fine.
I finally gave up and put my Netscreen 5GT first and that eliminated all my problems. It would accept the IP I was happy.
is the ´client-id´ option on your FastEthernet4 required by Comcast ? If not, you might want to try and configure just ´ip address dhcp´. The problem could be related to the fact that your IP Phone is sending DHCPDISCOVER messages, which (for what reason I am not really sure) are being sent out FastEthernet4, which is then likely to confuse the Comcast DHCP server...
The issue that I see though, why are broadcasts even being bridged over FastEthernet4 where Comcast can see them? All of the DHCP requests should be kept local to whatever VLAN they are in. What I suspect is that VLAN1 is the default VLAN of FastEthernet4 as well. Therefore, out of the box, with the SDM wizard configuration Cisco is bridging all internal VLAN1 traffic over FastEthernet4 for all to see. Seems silly, doesn't it?
I wanted to let everyone know that I did get this problem resolved.
This is a known issue with the 851/871 series routers. It relates to bug CSCsd60259.
Apparently when the older ROMMON inits all of the ports by default are in the same VLAN. They all stay active until the IOS boots and then they are put into their correct VLANs. The time between the ROMMON and when the IOS fully loads, traffic sent to the router will be forwarded between the WAN and LAN ports.
This is what was causing my DHCP issues because the router was getting a incorrect lease on bootup. You can get the latest ROMMON firmware from the following location (CCO ID required):
I upgraded to C870_RM_ALT.srec.123-8r.YI3 and this resolved my issues.
Hope this helps.