HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
Comware Based
cancel
Showing results for 
Search instead for 
Did you mean: 

[Solved] Cannot get VLAN DHCP relay working

 
spgsitsupport
Regular Advisor

[Solved] Cannot get VLAN DHCP relay working

HPE 5900 IRF stack
version 7.1.045, Release 2432P01

 dhcp enable
 interface Vlan-interface21
 ip address 172.21.64.254 255.255.255.0
 dhcp select relay
 dhcp relay server-address 10.0.0.21
dhcp relay information enable

MS DHCP has scope configured for 172.21.64.1-172.21.64.253 & active
But client on Vlan21 does not receive any DHCP offer. If I use static IP on that client, I can ping Vlan21 interface just fine

Any ideas?

Thanks

Seb

16 REPLIES
spgsitsupport
Regular Advisor

Re: Cannot get VLAN DHCP relay working

I can see the DHCP request being relayed, but no reply comes back from DHCP server

[HPE5900-SR1]dis dhcp relay statistics
DHCP packets dropped:                  0
DHCP packets received from clients:    122
   DHCPDISCOVER:                       122
   DHCPREQUEST:                        0
   DHCPINFORM:                         0
   DHCPRELEASE:                        0
   DHCPDECLINE:                        0
   BOOTPREQUEST:                       0
DHCP packets received from servers:    0
   DHCPOFFER:                          0
   DHCPACK:                            0
   DHCPNAK:                            0
   BOOTPREPLY:                         0
DHCP packets relayed to servers:       122
   DHCPDISCOVER:                       122
   DHCPREQUEST:                        0
   DHCPINFORM:                         0
   DHCPRELEASE:                        0
   DHCPDECLINE:                        0
   BOOTPREQUEST:                       0
DHCP packets relayed to clients:       0
   DHCPOFFER:                          0
   DHCPACK:                            0
   DHCPNAK:                            0
   BOOTPREPLY:                         0
DHCP packets sent to servers:          0
   DHCPDISCOVER:                       0
   DHCPREQUEST:                        0
   DHCPINFORM:                         0
   DHCPRELEASE:                        0
   DHCPDECLINE:                        0
   BOOTPREQUEST:                       0
DHCP packets sent to clients:          0
   DHCPOFFER:                          0
   DHCPACK:                            0
   DHCPNAK:                            0
   BOOTPREPLY:                         0
pattap
Regular Advisor

Re: Cannot get VLAN DHCP relay working

config on vlan int is correct, how's routing between your clients and the DHCP server? Try ping -a 172.21.64.254 <ip of your DHCP>

 

you can also try debug with: debugging dhcp relay all

make sure you type terminal monitor and terminal debug first, otherwhise you won't see the logs

spgsitsupport
Regular Advisor

Re: Cannot get VLAN DHCP relay working

Well, routing is simply non-existent

<HPE5900-SR1>ping -a 172.21.64.254 10.0.0.21
Ping 10.0.0.21 (10.0.0.21) from 172.21.64.254: 56 data bytes, press CTRL_C to break
Request time out
Request time out
Request time out

But apart from DHCP I do not want to have any communication between Vlans.

pattap
Regular Advisor

Re: Cannot get VLAN DHCP relay working

In that case your clients are not going ot get IP addresses. You need a route to your DHCP server or your server needs a route back to 172.21.64.0 subnet

I'm not sure what 's your setup, if no dynimic protocol in place stick a static route pointing to next hop that is aware of how to get to your DHCP or is your DHCP directly connected?

 

spgsitsupport
Regular Advisor

Re: Cannot get VLAN DHCP relay working

I do NOT have IP on default Vlan1

I have IP on (management) M-GigabitEthernet0/0/0 interface & I can not input another IP in same subnet due to error:

The subnet overlaps with another interface.

All is plugged into the same switch (DHCP server on LAN & client on Vlan 21), there is nothing dynamic

But what would the next hop?

spgsitsupport
Regular Advisor

Re: Cannot get VLAN DHCP relay working

Isn't that true?:

In multilayer switches the inter-vlan routing is automatic, because are directly connected networks. 
The inter-vlan routing is enabled when you assign a IP address to a VLAN interface
and have a host connected to a port that belongs to this VLAN you created. So you do not need to add static routes in the switch settings. Since you have hosts using each VLAN,
its status in the output of "display ip interface brief" command will be "UP", and you'll can ping among the hosts. You just need to add static or default routes when using a next hop as a gateway or internet path.
pattap
Regular Advisor

Re: Cannot get VLAN DHCP relay working

well you haven't really told us here that your DHCP is connected to the same switch

you need to create a new vlan interface with an IP address in the same range as your DHCP server, then make sure uplink to that server is in that vlan

or if your DHCP server is not used anywehre else you can reconfigure its IP address to something within 172.21.64.0 range and move the uplink to vlan 21 - this won't scale of course so probably not the best idea

spgsitsupport
Regular Advisor

Re: Cannot get VLAN DHCP relay working

It is my main LAN DHCP server (one of the failover ones), so definitely will not be changing its IP!

Unless I change the Management port IP on HPE5900 stack (not something I would want to do), as stated already I can not get Vlan IP in main LAN (where DHCP server is) subnet, something I really see no logic in

The subnet overlaps with another interface

I see it is just way easier to configure DHCP on the switch itself for this VLAN & not bother with relay

pattap
Regular Advisor

Re: Cannot get VLAN DHCP relay working

You need to make sure your clients can talk to the DHCP,  you have your clients and DHCP on different subnet yet you say routing is not existent, how do you expect them to talkto eachother?

You either stick them in the same subnet or add a new vlan with vlan interface and stick your DHCP server in this vlan,  I can't see any other choices here.

if you are so concern with your clients being able to contact DHCP in other ways than they suppose to just put some ACL's in

Also your management interface be better of in a seperate subnet if security is of your concern

spgsitsupport
Regular Advisor

Re: Cannot get VLAN DHCP relay working

All valid points, but I did settle on DHCP from HPE5900 itself. way easier to maanage this way

There is no need to complicate if it can be done simple

As with any security best practices, it is security vs convienience

pattap
Regular Advisor

Re: Cannot get VLAN DHCP relay working

ah yeah I missed that bit, yup that's another solution, setting DHCP server on the switch, good luck

spgsitsupport
Regular Advisor

Re: Cannot get VLAN DHCP relay working

good luck, as in you expect it could fall over?

Seems to work fine so far...

Vince-Whirlwind
Honored Contributor

Re: Cannot get VLAN DHCP relay working

Are you saying your DHCP server (and presumably your other servers) is in the same VLAN/subnet as your switch management?

And now you have DHCP being served from 2 different places?

I'd take a step back if I were you and plan out your network before configuraing stuff.

If you have 2 standalone virtual networks that do not have a Layer3 connection top each other, then each of them needs its own DHCP server.

spgsitsupport
Regular Advisor

Re: Cannot get VLAN DHCP relay working

Issue solved as stated, thanks, no need for any more input (especially one that does not bring anything new or useful)

Vince-Whirlwind
Honored Contributor

Re: Cannot get VLAN DHCP relay working

I guess the main point here is that you should not have production servers in the same VLAN as your management addressing is. And your whole mixup stems from the lack of a proper design.

So the advice here is to now do some proper design and improve your network so that future changes are less painful.

spgsitsupport
Regular Advisor

Re: Cannot get VLAN DHCP relay working

Well, my design was exactly to have management in same Vlan as production servers.
Security vs convienience/ease of use