Traffic flow for DHCP requests is showing wrong source


We have a core ICX-7450 set up as follows: 

ve 163 - management
ve 2600 - users

When looking at a capture, we see the source of DHCP requests as x.x.163.1 instead of the ve 2600 IP of x.x.207.254.

The routing table has a static entry for default of 0.0.0.0 w/ gateway of x.x.163.2, which is our FW tied to port ve 163.

Looking at a packet capture from the FW, we see the discover sourced from x.x.163.1 but the offer shows sourced from x.x.207.254.

Why is the source different between these two parts of the DHCP process?


Thanks for any assistance.

 


Lynkdev


Posted 4 months ago


Hashim Bharoocha, Employee

Hi Lynkdev,
Hope you are doing great!

Can you please do a traceroute to the DHCP server? I want to see what path it is taking.
Also, did you configure helpers on the two VEs? Please show the configuration of the ICX for a better understanding; you can scrub the IP addresses if you want.

Thanks
Hashim

Lynkdev


Hi Hashim,

Thanks for the quick reply on this issue. I've pasted in the requested information.

Traceroute done to our 3 DHCP servers.

We have a possible loop warning at the bottom showing in the log multiple times, maybe a separate PIM issue.

Also showing multiple ACL blocks for SSH from what looks like end devices, which looks strange.



vlan 163 name MGMT-MISC2 by port
 tagged ethe 1/2/1 to 1/2/2 lag 10 lag 25
 untagged ethe 1/1/16 ethe 1/1/20 to 1/1/24
 router-interface ve 163

vlan 2600 name USERS by port
 tagged ethe 1/2/1 to 1/2/2
 router-interface ve 2600
 multicast passive
 multicast6 passive

interface ve 163
 ip address x.x.163.1 255.255.255.192

interface ve 2600
 ip address x.x.207.254 255.255.255.128
 ip helper-address 1 x.x.83.250
 ip helper-address 2 x.x.103.250
 ip helper-address 3 x.x.179.227

Tracing the route to IP node x.x.83.250(x.x.83.250) from 1 to 30 hops

  1    <1 ms   <1 ms   <1 ms x.x.163.2
  2     1 ms    1 ms   <1 ms x.x.150.169
  3   104 ms   *       90 ms x.x.150.138
  4    90 ms   90 ms   90 ms x.x.83.249
  5    90 ms   90 ms   90 ms x.x.83.250

F

#traceroute x.x.103.250

Tracing the route to IP node x.x.103.250(x.x.103.250) from 1 to 30 hops

  1    <1 ms   <1 ms   <1 ms x.x.163.2
  2     1 ms   <1 ms   <1 ms x.x.150.169
  3   123 ms  123 ms  123 ms x.x.150.138
  4   123 ms  123 ms  123 ms x.x.0.81
  5   123 ms  123 ms  123 ms x.x.103.249
  6   123 ms  130 ms  126 ms x.x.103.250

#traceroute x.x.179.227

Tracing the route to IP node x.x.179.227(x.x.179.227) from 1 to 30 hops

  1    <1 ms   <1 ms   <1 ms x.x.163.2
  2     1 ms   <1 ms   <1 ms x.x.150.169
  3    *       *       *     ?
  4    *       *       *     ?
  5   183 ms  167 ms  167 ms x.x.178.18
  6    *       *       *     ?
  7    *       *       *     ?
  8    *       *       *     ?
  9    *       *       *     ?
 10    *       *       *     ?
 11    *       *       *     ?
 12    *       *       *     ?
 13    *       *       *     ?
 14    *       *       *     ?
 15    *       *       *     ?
 16    *       *       *     ?
 17    *       *       *     ?
 18    *       *       *     ?
 19    *       *       *     ?
 20    *       *       *     ?
 21    *       *       *     ?
 22    *       *       *     ?
 23    *       *       *     ?
 24    *       *       *     ?
 25    *       *       *     ?
 26    *       *       *     ?
 27    *       *       *     ?
 28    *       *       *     ?
 29    *       *       *     ?
 30    *       *       *     ?

 


 

#sh ip route
Total number of IP routes: 10
Type Codes - B:BGP D:Connected O:OSPF R:RIP S:Static; Cost - Dist/Metric
BGP  Codes - i:iBGP e:eBGP
OSPF Codes - i:Inter Area 1:External Type 1 2:External Type 2
        Destination        Gateway         Port          Cost          Type Uptime
1       0.0.0.0/0          x.x.163.2    ve 163        1/1           S    6d16h
2       x.x.91.0/27     DIRECT          ve 2626       0/0           D    6d16h
3       x.x.91.32/27    DIRECT          ve 2612       0/0           D    6d16h
4       x.x.163.0/26    DIRECT          ve 163        0/0           D    6d16h
5       x.x.163.192/26  DIRECT          ve 2          0/0           D    6d16h
6       x.x.164.64/26   DIRECT          ve 1010       0/0           D    6d16h
7       x.x.164.128/26  DIRECT          ve 1050       0/0           D    6d16h
8       x.x.164.192/26  DIRECT          ve 1020       0/0           D    6d16h
9       x.x.207.128/25  DIRECT          ve 2600       0/0           D    6d16h
10      x.x.0.0/24     DIRECT          ve 1030       0/0           D    6d16h

 

ip dhcp relay information policy keep
ip dhcp-client disable
ip forward-protocol udp bootpc
ip forward-protocol udp bootps
ip route 0.0.0.0/0 x.x.163.2 name DEFAULT-ROUTE
ip add-host-route-first
no ip source-route
no ip icmp unreachable
ip tcp keepalive 3 3 3
ip multicast active

 

 

Dynamic Log Buffer (1000 lines):

Sep 26 06:00:09:W:ACL: ACL: List MANAGEMENT denied tcp x.x.207.164(0)( v2600) -> x.x.207.254(22), 4 event(s)
Sep 26 05:56:09:W:ACL: ACL: List MANAGEMENT denied tcp x.x.164.70(0)( v1010) -> x.x.164.65(22), 4 event(s)
Sep 26 05:55:51:W:ACL: ACL: List MANAGEMENT denied tcp x.x.207.164(0)( v2600) -> x.x.207.254(22), 1 event(s)
Sep 26 05:52:39:W:Warning! IGMP receive my own query on VL163 (e1/1/2), possible loop. Conflicting IP: x.x.163.1
Sep 26 05:51:37:W:ACL: ACL: List MANAGEMENT denied tcp x.x.164.70(0)( v1010) -> x.x.164.65(22), 1 event(s)
Sep 26 05:51:09:W:ACL: ACL: List MANAGEMENT denied tcp x.x.207.142(0)( v2600) -> x.x.207.254(22), 4 event(s)
Sep 26 05:46:11:W:ACL: ACL: List MANAGEMENT denied tcp x.x.207.142(0)( v2600) -> x.x.207.254(22), 1 event(s)
Sep 26 05:42:14:W:Warning! IGMP receive my own query on VL163 (e1/1/2), possible loop. Conflicting IP: x.x.163.1
Sep 26 05:36:09:W:ACL: ACL: List MANAGEMENT denied tcp x.x.164.71(0)( v1010) -> x.x.164.65(22), 7 event(s)
Sep 26 05:31:49:W:Warning! IGMP receive my own query on VL163 (e1/1/2), possible loop. Conflicting IP: x.x.163.1
Sep 26 05:31:30:W:ACL: ACL: List MANAGEMENT denied tcp x.x.164.71(0)( v1010) -> x.x.164.65(22), 1 event(s)
Sep 26 05:21:24:W:Warning! IGMP receive my own query on VL163 (e1/1/2), possible loop. Conflicting IP: x.x.163.1
Sep 26 05:12:02:W:ACL: ACL: List 11 denied udp x.x.6.197(0)( v163) -> x.x.163.193(snmp), 1 event(s)
Sep 26 05:11:05:W:ACL: ACL: List MANAGEMENT permitted tcp x.x.163.23(0)( v163) -> x.x.163.1(22), 1 event(s)
Sep 26 05:10:59:W:Warning! IGMP receive my own query on VL163 (e1/1/2), possible loop. Conflicting IP: x.x.163.1
Sep 26 05:00:34:W:Warning! IGMP receive my own query on VL163 (e1/1/2), possible loop. Conflicting IP: x.x.163.1
Sep 26 05:00:09:W:ACL: ACL: List MANAGEMENT denied tcp x.x.207.164(0)( v2600) -> x.x.207.254(22), 4 event(s)
Sep 26 04:56:09:W:ACL: ACL: List MANAGEMENT denied tcp x.x.164.70(0)( v1010) -> x.x.164.65(22), 4 event(s)
Sep 26 04:55:36:W:ACL: ACL: List MANAGEMENT denied tcp x.x.207.164(0)( v2600) -> x.x.207.254(22), 1 event(s)
Sep 26 04:51:33:W:ACL: ACL: List MANAGEMENT denied tcp x.x.164.70(0)( v1010) -> x.x.164.65(22), 1 event(s)
Sep 26 04:50:09:W:ACL: ACL: List MANAGEMENT denied tcp x.x.207.142(0)( v2600) -> x.x.207.254(22), 4 event(s)
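
The SSH denies and IGMP warnings mentioned in this post can be tallied per source instead of read line by line. The following is an added example, not part of the original post: a Python summary over a few lines copied from the log buffer above. The function name `summarize` and the regular expressions are this example's own and assume the line format shown in the post.

```python
import re
from collections import Counter

# Lines copied from the log buffer in the post (addresses scrubbed as on the page).
SAMPLE_LOG = """\
Sep 26 06:00:09:W:ACL: ACL: List MANAGEMENT denied tcp x.x.207.164(0)( v2600) -> x.x.207.254(22), 4 event(s)
Sep 26 05:56:09:W:ACL: ACL: List MANAGEMENT denied tcp x.x.164.70(0)( v1010) -> x.x.164.65(22), 4 event(s)
Sep 26 05:52:39:W:Warning! IGMP receive my own query on VL163 (e1/1/2), possible loop. Conflicting IP: x.x.163.1
Sep 26 05:12:02:W:ACL: ACL: List 11 denied udp x.x.6.197(0)( v163) -> x.x.163.193(snmp), 1 event(s)
Sep 26 05:11:05:W:ACL: ACL: List MANAGEMENT permitted tcp x.x.163.23(0)( v163) -> x.x.163.1(22), 1 event(s)
Sep 26 05:00:09:W:ACL: ACL: List MANAGEMENT denied tcp x.x.207.164(0)( v2600) -> x.x.207.254(22), 4 event(s)
"""

# Assumed format: "ACL: List <name> <action> <proto> <src>(<sport>)( v<vlan>) -> <dst>(<dport>), N event(s)"
ACL_RE = re.compile(
    r"ACL: List (?P<acl>\S+) (?P<action>denied|permitted) (?P<proto>\w+) "
    r"(?P<src>[\w.]+)\(\d+\)\(\s*v(?P<vlan>\d+)\) -> "
    r"(?P<dst>[\w.]+)\((?P<dport>\w+)\), (?P<count>\d+) event\(s\)"
)
IGMP_RE = re.compile(r"IGMP receive my own query on VL(?P<vlan>\d+) \((?P<port>[^)]+)\)")

def summarize(log_text):
    """Return (denied SSH events per source, other ACL events, IGMP self-query warnings)."""
    denied_ssh, other_acl, igmp = Counter(), Counter(), Counter()
    for line in log_text.splitlines():
        m = ACL_RE.search(line)
        if m:
            events = int(m["count"])  # each log line aggregates N events
            if m["action"] == "denied" and m["dport"] == "22":
                denied_ssh[(m["src"], int(m["vlan"]), m["dst"])] += events
            else:
                other_acl[(m["acl"], m["action"], m["src"], m["dst"], m["dport"])] += events
            continue
        m = IGMP_RE.search(line)
        if m:
            igmp[(int(m["vlan"]), m["port"])] += 1
    return denied_ssh, other_acl, igmp

if __name__ == "__main__":
    ssh, other, igmp = summarize(SAMPLE_LOG)
    for (src, vlan, dst), n in ssh.most_common():
        print(f"denied SSH: {src} (vlan {vlan}) -> {dst}: {n} event(s)")
    print("other ACL hits:", dict(other))
    print("IGMP self-query warnings:", dict(igmp))
```

Grouping by source and VLAN shows whether the denied SSH attempts come from a handful of repeating hosts on the user VLANs or from many addresses.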

 


 




NETWizz

Okay, so your management is actually your WAN or uplink and you just sized it with a /26 to have up to 62 usable hosts in that network.

What is not working is getting to the DHCP server x.x.179.227, unless of course you have ICMP/PING disabled, which is just breaking traceroute (we really don't know).

On the device with x.x.178.18, if you check its routing table, does it have a next hop (or default route) to get closer to whatever subnet x.x.179.227 is on?

Are you running "router PIM" to run your multicast? If yes, what is the specific purpose in this network, because that may be set up wrong to cause ==> IGMP receive my own query on VL163 (e1/1/2), possible loop. Conflicting IP: x.x.163.1

Probably need to know a LOT more to fix this.



Hashim Bharoocha, Employee


Hi Lynkdev,


It seems you do not have a DHCP server on the same subnet as ve 163, so this is routed DHCP; that's why the discover is going out on 163 and the offer is coming in via ve 2600. Also, your default gateway points to x.x.163.2; if a route is unknown, the traffic will go to the default gateway.

interface ve 163
 ip address x.x.163.1 255.255.255.192

interface ve 2600
 ip address x.x.207.254 255.255.255.128
 ip helper-address 1 x.x.83.250
 ip helper-address 2 x.x.103.250
 ip helper-address 3 x.x.179.227


I agree with NETWizz; it is best to open up a ticket with us and work the issues. Also, the ACL is blocking traffic; I am not sure whether you put the ACL in place for troubleshooting.


Thanks

Hashim
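
The two addresses in the capture correspond to two different fields of a relayed DHCP message: the IP source of the forwarded packet and the `giaddr` field inside the BOOTP header, which RFC 1542 has the relay set to the interface that received the client request and RFC 2131 has the server use as the reply destination. The following is an added example, not code from the thread or from the vendor: it models that relay step in Python, with constructed 10.0.x.x addresses standing in for the scrubbed ones and the assumption, taken from the capture described above, that the relay sources the forwarded packet from its egress interface.

```python
import struct
from ipaddress import IPv4Address

# Fixed 236-byte BOOTP header: op htype hlen hops xid secs flags
# ciaddr yiaddr siaddr giaddr chaddr sname file
FMT = "!BBBBIHH4s4s4s4s16s64s128s"
HOPS, GIADDR = 3, 10            # field positions in the unpacked tuple
BOOTREQUEST, DHCP_SERVER_PORT = 1, 67

def build_bootp(op, xid, giaddr, chaddr):
    """Pack a BOOTP header as a client (giaddr 0.0.0.0) or a relay would send it."""
    zero = bytes(4)
    return struct.pack(FMT, op, 1, 6, 0, xid, 0, 0x8000, zero, zero, zero,
                       IPv4Address(giaddr).packed, chaddr, b"", b"")

def relay(client_msg, rx_if_ip, egress_if_ip, helper):
    """Model the relay: stamp giaddr with the receiving interface (only if it is
    still zero), increment hops, and unicast to the helper address.
    Returns (ip_src, ip_dst, payload) of the forwarded datagram."""
    fields = list(struct.unpack(FMT, client_msg))
    if fields[GIADDR] == bytes(4):
        fields[GIADDR] = IPv4Address(rx_if_ip).packed
    fields[HOPS] += 1
    # Assumption: IP source is the egress interface, as seen in the capture.
    return egress_if_ip, helper, struct.pack(FMT, *fields)

def server_reply_destination(payload):
    """Where a server addresses its reply: giaddr on port 67 when giaddr is set."""
    giaddr = struct.unpack(FMT, payload)[GIADDR]
    if giaddr == bytes(4):
        return None             # not relayed; server answers on the local segment
    return str(IPv4Address(giaddr)), DHCP_SERVER_PORT

def demo():
    # Constructed stand-ins: ve 2600 = 10.0.207.254, ve 163 = 10.0.163.1
    discover = build_bootp(BOOTREQUEST, 0x1234, "0.0.0.0", bytes.fromhex("020000000001"))
    src, dst, payload = relay(discover, "10.0.207.254", "10.0.163.1", "10.0.83.250")
    return src, dst, server_reply_destination(payload)

if __name__ == "__main__":
    print(demo())
```

A firewall between the relay and the servers therefore sees both addresses in one exchange, so rules or captures filtered on only one of them show half of the conversation.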